Adding a New KeyControl Node to an Existing Cluster (OVA Install)

When you log into the target system for the first time after installing the KeyControl software, KeyControl displays the KeyControl System Menu. This procedure explains how to use this menu to configure this system as a new node in an existing KeyControl cluster.

Before You Begin 

Make sure you know the IP address of any KeyControl node that is already part of the cluster you want to join.

Procedure 

1. Log into the VM on which you installed the KeyControl software.

2. On the Set System Password screen, enter a password for the KeyControl system administration account root and press Enter. The password must contain at least 6 characters and cannot contain spaces or any non-ASCII characters.

   This password cannot be reset from within KeyControl. If you lose the password, you will need to re-install the KeyControl software.

   Note:

   This password controls access to the System Console Menu that allows users to perform some KeyControl administration tasks. It does not permit a KeyControl user to access the full OS.

3. When prompted about whether you want to add this node to an existing cluster, select Yes and press Enter.
4. Press Enter to confirm that you want to add the node to an existing cluster at the prompt.
5. Type the IP address of any KeyControl node already in the cluster and press Enter.

6. If prompted, type a one-time passphrase for this KeyControl node and press Enter.

   The passphrase must contain at least 16 characters. It is a temporary string used to encrypt the initial communication between this node and the existing KeyControl cluster. When you authenticate the new node with the existing cluster, you will specify this passphrase in the KeyControl webGUI so that the existing node can decrypt the communication and verify that the join request is valid.

   If the wizard can connect to the designated KeyControl node, it displays the Authentication screen informing you that the node is now part of the cluster but must be authenticated in the KeyControl webGUI before it can be used by the system.

7. Authenticate the node in the KeyControl webGUI as described in Authenticating New KeyControl Nodes.

   The Authentication screen displays a series of messages beginning with Successfully Authenticated and ending with Cluster Setup Complete after you begin the authorization process in the webGUI.

8. Once the authentication process is finished, KeyControl displays the HyTrust SecureOS Appliance Configuration screen with a message stating that the node was successfully added to the cluster and showing the IP address for the node. Press Enter to acknowledge the message.

What to Do Next 

If the installation was successful, authorize this KeyControl node as described in Authenticating New KeyControl Nodes.