Setting up the node to run in secure mode

Follow this procedure only if you are adding a node to a cluster that is running in secure mode. If you are adding a node to a cluster that is not running in secure mode, proceed with configuring LLT and GAB.

See Configuring LLT and GAB.

The command examples that follow use the information in Table: The command examples definitions.

Table: The command examples definitions

| Name | Fully-qualified host name (FQHN) | Function |
|---|---|---|
| saturn | saturn.nodes.example.com | The new node that you are adding to the cluster. |
| RB1 | RB1.brokers.example.com | The root broker for the cluster |
| RB2 | RB2.brokers.example.com | Another root broker, not the cluster's RB |

To verify the existing security setup on the node

  1. If node saturn is configured as an authentication broker (AB) belonging to a root broker, perform the following steps. Otherwise, proceed to configuring the authentication broker on node saturn.

    See Configuring the authentication broker on node saturn.

  2. Find out the root broker to which the node saturn belongs using the following command.

    # vssregctl -l -q -b \
    "Security\Authentication\Authentication Broker" \
    -k "BrokerName"

  3. If the node saturn already belongs to root broker RB1, it is configured as part of the cluster. Proceed to setting up VCS related security configuration.

    See Setting up VCS related security configuration.

  4. If the node saturn belongs to a different root broker (for example RB2), perform the following steps to remove the security credentials from node saturn.

    • Kill the /opt/VRTSat/bin/vxatd process.

    • Remove the credential that RB2 has given to AB on node saturn.

      # vssat deletecred --domain type:domainname \
      --prplname prplname

      For example:

      # vssat deletecred --domain vx:root@RB2.brokers.example.com \
      --prplname saturn.nodes.example.com
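
The branch logic of steps 1 to 4 as a dry-run helper. This is an added example, not vendor code: it only prints which step applies and, for step 4, the `vssat deletecred` command to run, and it executes nothing. The function names are hypothetical, and it assumes that the value the operator passes as the current root broker is that broker's FQHN.

```shell
#!/bin/sh
# Added example (not vendor code). The operator supplies all three values:
#   $1 root broker the node currently belongs to, empty if the node is not an AB
#      (assumption: the BrokerName query yields that broker's FQHN)
#   $2 FQHN of the cluster's root broker
#   $3 FQHN of the node being added

lower() {
    # Host names are case-insensitive, so compare them in lower case.
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]'
}

plan_node_security() {
    # Refuse anything that is not a plain host name before it reaches a
    # command line.
    case "$1$2$3" in
        *[!A-Za-z0-9.-]*)
            echo "error: host names may contain only letters, digits, '.' and '-'" >&2
            return 2 ;;
    esac
    if [ -z "$2" ] || [ -z "$3" ]; then
        echo "error: cluster root broker and node FQHN are required" >&2
        return 2
    fi

    if [ -z "$1" ]; then
        # Step 1: the node is not an authentication broker yet.
        echo "configure-ab"
    elif [ "$(lower "$1")" = "$(lower "$2")" ]; then
        # Step 3: the node already belongs to the cluster's root broker.
        echo "setup-vcs-security"
    else
        # Step 4: the node belongs to another root broker. After vxatd has
        # been stopped, this is the credential removal to run, in the same
        # form as the page's example (vx domain, root@<root broker>).
        echo "remove-credentials"
        echo "vssat deletecred --domain vx:root@$1 --prplname $3"
    fi
}
```

Comparing the two broker names case-insensitively keeps a node that reports `rb1.brokers.example.com` from being treated as belonging to a foreign root broker and having valid credentials removed.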