Configuring Additional KeyControl Nodes

After the AWS instance is deployed, you need to configure the KeyControl node using SSH. The following procedure describes how to configure the node as part of an existing KeyControl cluster. If you want to configure this node as the first node in the KeyControl cluster, see Configuring the First KeyControl Node.

Before You Begin 

Make sure that the new KeyControl node can communicate with the KeyControl nodes in the existing KeyControl cluster. For details, see your AWS documentation.

Make sure you have the following information:

  • The Amazon instance ID for the new KeyControl instance.
  • The Elastic (Public) IP address associated with the new instance.

  • The private key file (in pem format) that was used when the new instance was created.

    Tip: To find this information, select Instances from the Amazon Management Console EC2 Dashboard, then select the KeyControl instance in the table. In the Description tab, look at the Instance ID, IPv4 Public IP, and Key pair name fields.

  • The private IP address of one of the existing KeyControl nodes in the cluster.

    Tip: To find this IP address, log into the KeyControl webGUI on one of the existing nodes and click Cluster in the top menu bar. Go to the Servers tab and look at the IP address in the table.

Procedure 

  1. Open a terminal window and navigate to the directory in which you have stored the private key file. If you have not used this key file before, make sure the permissions are set to -r-------- (chmod 400).

  2. Log into the sysmenus account on the KeyControl instance using the private key file.

    ssh -i <key-file>.pem sysmenus@<Elastic-IP-addy>

    where key-file.pem is the name of the key pair associated with the instance and Elastic-IP-Addy is the public IPv4 address associated with the instance. For example, if your key pair is called KeyControl-Cluster-NorthAmerica.pem and the Elastic IP address is 52.18.58.35, you would enter:

    ssh -i KeyControl-Cluster-NorthAmerica.pem sysmenus@52.18.58.35

  3. When prompted for the sysmenus password, enter the Amazon instance ID for the KeyControl instance that you are configuring.

  4. On the Set System Password screen, enter a password for the KeyControl system administration account root and press Enter. The password must contain at least 6 characters and cannot contain spaces or any non-ASCII characters.

    This password cannot be reset from within KeyControl. If you lose the password, you will need to re-install the KeyControl software.

    Note: This password controls access to the System Console Menu that allows users to perform some KeyControl administration tasks. It does not permit a KeyControl user to access the full OS.
  5. When prompted about whether you want to add this node to an existing cluster, select Yes and press Enter.
  6. On the confirmation screen, press Enter.

  7. Enter the private (internal) IP address of one of the KeyControl nodes in the existing cluster.

    Tip: To find this IP address, log into the KeyControl webGUI on one of the existing nodes and click Cluster in the top menu bar. Go to the Servers tab and look at the IP address in the table.
  8. If prompted, enter a 16 character passphrase and press Enter.
  9. Authenticate the KeyControl node in the KeyControl webGUI. For details, see Authenticating New KeyControl Nodes.
  10. Review the confirmation dialog that provides the public URLs that can be used with the KeyControl webGUI as well as the private IP address that you can use if you want to add other KeyControl nodes to this cluster. When you are done, press Enter to finish the installation and view the main System Console Menu.

 

HyTrust DataControl v 4.3.2

Copyright © 2019 HyTrust, Inc. All Rights Reserved.

Follow us: