Installing KeyControl from an OVA Template

Before You Begin 

Make sure that:

• You know the IP address and any required network connection information, such as the domain name and the DNS and gateway IP addresses, for the machine on which you are installing KeyControl.

• You have the required permissions to install software on the target system.

• The target system meets the basic system requirements described in System Requirements.

Important:

Make sure that all KeyControl nodes reside on devices that are not encrypted. KeyControl has its own internal encryption, and it must be available to provide the keys for the encrypted devices before the encrypted devices can be accessed.

Procedure 

1. Open your vSphere Web Client.

   Note:

   The following procedure uses the vSphere Web Client version 6.5. If you are using a different version of the Web Client, the procedure may vary slightly.

2. Navigate to Hosts and Clusters.

3. Select Actions > Deploy OVF Template.

   Note:

   In this context, OVF and OVA are synonymous.

4. On the Select template page of the Deploy OVF Template wizard, browse to the location of your OVA file.
5. Select the file and click Next.

6. Specify the appropriate installation information in the remaining pages of the Deploy OVF Template wizard. Required fields are shown in red.

   On the Select configuration page, the configuration options use the following resources:

   Resource	Demo or Proof of Concept	Standard Installation	Large Installation
   CPUs	2	2	4
   RAM	1 GB	8 GB	16 GB
   Disk	20 GB	20 GB	20 GB

   On the Customize template page:

   • If you want to specify multiple DNS servers, enter their IP addresses as a comma-separated or space-separated list.

   • Specify a static IP address in the KeyControl system IP address field. If you have an internal IP address that differs from your external IP address due to your firewall configuration, use the internal IP address.

     If you intend to configure only one network interface for the node, the IP address you specify here must be able to communicate on TCP/2525, TCP/443, and TCP/8443. We highly recommend that you do not change this interface after the node has been deployed.

     If you intend to configure multiple NICs on this VM to segregate network traffic, the IP address you specify here will become the management interface for the node. This IP address must be able to communicate on port TCP/2525, and it will be responsible for handling all authentication requests and for initializing the communication between all nodes in the cluster. We highly recommend that you do not change this interface after the node has been deployed. For details about multi-NIC configuration, see Multi-NIC Node Configuration.

   • Do not use spaces or special characters in the KeyControl system hostname and Domain Name fields. Only use alphanumeric characters or hyphens (-).

   For information about the other fields in this wizard, see your vSphere Web Client documentation.

7. After you have finished entering the installation information, click Next and review your choices on the Ready to complete page.

   Depending on the version of the vSphere Web Client that you are using, there may be a Power on after deployment check box available on this page. If you want the installer to bring the KeyControl node up automatically, select this check box.

8. Click Finish to install the KeyControl node.

9. Wait until you receive a message that the installation is complete.

   You can view the installation progress in the Recent Tasks tab in the vSphere Web Client.

   Note:

   If you intend to configure the KeyControl VM with multiple NICs in order to segregate network traffic, do not add those NICs at this point. Instead, configure the KeyControl node using the NIC you specified when you customized the OVA template during deployment. You can add additional NICs to the VM at any point after the initial configuration is complete.

10. If vSphere did not automatically power on the KeyControl VM after it was deployed, power it on at this point.

11. Configure the node as a standalone node or join it to an existing cluster. For details, see one of the following:

    • If this is the first KeyControl node in the system or if you want this to be a standalone node, follow the steps in Configuring the First KeyControl Node (OVA Install).
    • If you are adding this node to an existing KeyControl cluster, follow the steps in Adding a New KeyControl Node to an Existing Cluster (OVA Install).