Adding a Node to an Existing Cluster in vSphere

  1. Log into the KeyControl Compliance Manager webGUI with your standard account credentials.
  2. In the top right, click the Switch to Appliance Management link.
  3. In the top menu bar, click Cluster.
  4. Select Actions > Join Existing Cluster.

  5. On the Welcome to KeyControl Compliance Manager screen, click Join an Existing Cluster.

    The Join Existing Cluster window displays.

  6. On the Get Started page, review the overview information to determine that you are ready to begin. This includes: 

    • Access to the cluster you are joining the node to. We recommend that you open the KeyControl Appliance Management webGUI for the cluster in a different tab or browser window.
    • Permissions on both this node and the cluster node so you can download and import the required certificates and files.
    • A passphrase to use during the joining process. Passphrase requirements are configured by a KeyControl Appliance Management administrator in the System Settings. This phrase is a temporary string used to encrypt the initial communication between this node and the existing KeyControl Compliance Manager cluster.
    • Verifying that both this node and the cluster node are running the same KeyControl Compliance Manager version and build. The version number for the cluster node is on the Settings > System Upgrade page.
    • Entering "delete my data" to confirm that all data on the node will be deleted when it is joined.
  7. Click Continue.
  8. On the Download CSR page, click Generate and Download CSR.
  9. Click Continue.
  10. Switch to one of the existing nodes in the cluster and navigate to the Cluster page.
  11. Select Actions > Add a Node.

  12. On the Add a Node window, upload the CSR that you downloaded from the new node (in .pem format) and enter a passphrase to use during the joining process.

  13. Click Save and Download Bundle to download the certificate bundle from the cluster node.

    The certificate bundle is a .zip file you must unpack. It contains both an encrypted SSL certificate in .p12 format and a CA certificate in .pem format.

  14. Click OK to close the Add a Node window.
  15. Return to the new node and click Continue.

  16. On the Node page, upload the encrypted SSL certificate and CA certificate that you downloaded from the cluster node, enter the private IP address of any node in the existing cluster, and enter the passphrase that you selected.

    Note: KeyControl Compliance Manager uses the private IP address of its cluster members for cluster communication, such as heartbeat and object store synchronization.

  17. Click Join.

    During the joining process, a status page is displayed on the new node. Do not refresh the browser while this is in process.

    The cluster will automatically be placed in maintenance mode.

    The node will restart after the join is complete.

  18. When the node has successfully restarted, click Login.