Versions Compared

Version Old Version 1 New Version 2
Changes made by

Anjali Tyagi

Anjali Tyagi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

There are some configuration settings that are site-specific. These relate to:

  • DNS settings - These are required for proper DHCP configuration.

  • Administrative user name and password - Once these are set, no commands will be accepted by the Platform server without proper authentication.

  • Disk encryption settings - These relate to Encryption at Rest and should be skipped unless otherwise specified by DataCore Support.

To specify these values, run the following command:

zorctl diagnostics config scan_missing

Info

Once the administrative user name and password have been set, this process will be interrupted to allow zorctl to be configured with the administrative user name and password for future interaction with the Platform server. To perform this configuration, run:

zorctl auth login --user {administrative user name}

This command will securely prompt for the administrative password and authenticate with the Platform Server. Once the CLI is logged in, re-run the configuration scan command to resume.

Below is an example of the start of the scanning process:

...

Some Swarm configuration settings are site-specific and related to: 

  • DNS settings - There are queried for proper DHCP configuration 

  • Administrative username and password - Once the administrator username and password are set, the platform server will not accept any unauthenticated commands. 

  • Disk encryption settings - These settings are related to “Encryption at REST” and should be ideally skipped unless specified by DataCore Support. 

To specify these values, run scsctl diagnostics config scan_missing command.

Info

Once the administrative username and password are set, this process will be interrupted to allow scsctl to be configured with the administrative username and password for the future interaction with the platform server. To perform this configuration, run: 

scsctl auth login --user [administrative user name] 

This command will securely prompt the administrative password and authenticate to the platform server. Once the CLI is logged in, re-run the configuration scan command to resume. 

Finalize Configuration Settings

Note

  • When configuring Swarm settings, input characters are hidden such as ‘admin.userName’, ‘admin.password’, ‘encryptionKeys’, etc. It is advised to use inputs on a raw text editor and do copy & paste to prevent any typo mistakes. 

  1. Run scsctl diagnostic config scan_missing.

    Code Block
    ====================================================================================================== 
Component: network_boot 
----------------------

...

  1. ------------------------ 
Name: network.

...

  1. dnsServers 
Type: array[str] 
Description: Required. DNS servers to be used. 
---------------------------------------------- 

...

  1. Component

...

  1. Group: network_boot/192.168.9.0x24.network

...

  1. _boot.scs-hklab1.datacore.internal [DEFAULT GROUP] 
Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance! 

If any new instances are added, please define these settings, or define them at the group level to apply to all instances.  Best practice is to define them at the group level if possible. 

  2. Hit ‘Enter’ to apply settings as a default at the group level.

    Code Block
    ---------------------------------------------- 
Name: network.dnsServers 
Type: array[str] 
Description: Required. DNS servers to be used. 
---------------------------------------------- 
Missing setting: network_boot/network.dnsServers 

Where would you like to update this setting?
> As a default at group level 
  For each instance in the group 
  Skip this setting for now 

  3. Enter DNS Servers.

    Code Block
    ---------------------------------------------- 
Name: network.dnsServers 
Type: array[str] 
Description: Required. DNS servers to be used. 
---------------------------------------------- 
Missing setting: network_boot/network.dnsServers
 network.dnsServers [type: array[str]] (Required. DNS servers to be used.):
172.16.33.4,172.16.33.5

====================================================================================================== 
Component: platform 
------------------------------------------------------------------------------------------------------ 
Name: admin.password 
Type: str 
Description: Administrative user password 
------------------------------------------------------------------------------------------------------ 
Name: admin.userName 
Type: str 
Description: Administrative user name 
------------------------------------------------------------------------------------------------------ 
Name: logging.syslogHost 
Type: str 
Description: If defined, then the host that component instances should use for syslog logging. 
------------------------------------------------------------------------------------------------------ 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used. 
------------------------------------------------------------------------------------------------------ 
Name: network.ntpServers 
Type: array[str] 
Description: Required. The IP address(es) of one or more NTP servers. If the nodes cannot access public NTP servers, they will time out waiting for a connection and automatically restart. Only use trusted NTP servers, whether they are dedicated hardware solutions in your internal network or external, public servers that the nodes can access over the network.
------------------------------------------------------------------------------------------------------ 
Component Group: platform/global.platform.scs-hklab1.datacore.internal [DEFAULT GROUP] 
Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance!

If any new instances are added, please define these settings, or define them at the group level to apply to all instances.  Best practice is to define them at the group level if possible.
------------------------------------------------------------- 
Name: admin.password 
Type: str 
Description: Administrative user password 
------------------------------------------------------------- 
Name: admin.userName 
Type: str 
Description: Administrative user name 
------------------------------------------------------------- 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used. 
------------------------------------------------------------- 

  4. Hit ‘Enter’ to apply the password at the group level.

    Code Block
    Missing setting: platform/admin.password

Where would you like to update this setting? 
> As a default at group level 
  For each instance in the group 
  Skip this setting for now 

  5. Enter the administrator password e.g., datacore, where the input characters are hidden.

    Code Block
    Missing setting: platform/admin.password

admin.password [type: str ***SECURE***] (Administrative user password): 
datacore 
Please re-enter to confirm: 
datacore 

  6. Hit ‘Enter” to apply the user name at the group level.

    Code Block
    Missing setting: platform/admin.userName

Where would you like to update this setting? 
> As a default at group level 
  For each instance in the group 
  Skip this setting for now 

  7. Enter the administrator user name e.g., dcadmin, where input characters are hidden.

    Code Block
    Missing setting: platform/admin.userName 

admin.userName [type: str ***SECURE***] (Administrative user name): 
dcadmin 
Please re-enter to confirm: 
dcadmin 
Authentication state may have changed in the API! 
Please log in, then re-run this command to resume: 
  > scsctl auth login --user "{administrative user name}" 
  > scsctl diagnostics config scan_missing 

  8. Login to Platform Server CLI via scsctl auth login --user datacore. It is important that input characters are hidden.

    Code Block
    [root@zorc Platform]# scsctl auth login --user datacore 
Enter password for user "dcadmin": 
datacore
Logged in 

  9. Continue finalizing after logged in using scsctl diagnostics config scan_missing.

    Code Block
    ====================================================================================================== 
Component: network_boot 
---------------------------------------------- 
Name: network.dnsServers 
Type: array[str] 
Description: Required. DNS servers to be used. 
---------------------------------------------- 

Component Group: network_boot/192.168.9.0x24.network_boot.scs-hklab1.datacore.internal [DEFAULT GROUP] 
all settings defined for group
======================================================================================================

Component: platform 
------------------------------------------------------------------------------------------------------ 
Name: admin.password 
Type: str
Description: Administrative user password 
------------------------------------------------------------------------------------------------------ 
Name: admin.userName 
Type: str 
Description: Administrative user name 
------------------------------------------------------------------------------------------------------ 
Name: logging.syslogHost 
Type: str 
Description: If defined, then the host that component instances should use for syslog logging. 
------------------------------------------------------------------------------------------------------ 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used.
------------------------------------------------------------------------------------------------------ 
Name: network.ntpServers 
Type: array[str] 
Description: Required. The IP address(es) of one or more NTP servers. If the nodes cannot access public NTP servers, they will time out waiting for a connection and automatically restart. Only use trusted NTP servers, whether they are dedicated hardware solutions in your internal network or external, public servers that the nodes can access over the network.
------------------------------------------------------------------------------------------------------ 

Component Group: platform/global.platform.scs-hklab1.datacore.internal [DEFAULT GROUP] 

Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance!

If any new instances are added, please define these settings, or define them at the group level to apply to all instances.  Best practice is to define them at the group level if possible.

  10. Configure DNS domain and apply it at the group level.

    Code Block
    ------------------------------------------------------------- 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used. 
------------------------------------------------------------- 
Missing setting: platform/network.dnsDomain

Where would you like to update this setting? 
> As a default at group level 
  For each instance in the group 
  Skip this setting for now

  11. Set the DNS domain.

    Code Block
    ------------------------------------------------------------- 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used. 
------------------------------------------------------------- 
Missing setting: platform/network.dnsDomain 

 network.dnsDomain [type: str] (Required. The DNS domain name that will be used.): 
 datacore.internal
======================================================================================================

Component: storage 
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeyPrimary 
Type: str 
Description: The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True. 
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeys 
Type: dict[str,str] 
Description: A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes. 
------------------------------------------------------------------------------------------------------ 
Name: support.proxyPassword 
Type: str 
Description: Proxy authentication password 
------------------------------------------------------------------------------------------------------ 

Component Group: storage/objstor.scs-hklab1.datacore.internal [DEFAULT GROUP]
Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance! 

If any new instances are added, please define these settings, or define them at the group level to apply to all instances.  Best practice is to define them at the group level if possible.
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeyPrimary 
Type: str 
Description: The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True.
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeys 
Type: dict[str,str] 
Description: A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes. 
------------------------------------------------------------------------------------------------------ 
Name: support.proxyPassword 
Type: str 
Description: Proxy authentication password 
------------------------------------------------------------------------------------------------------

  12. Apply encryption primary at the group level.

    Code Block
    Missing setting: storage/disk.encryptionKeyPrimary 

Where would you like to update this setting? 
> As a default at group level 
  For each instance in the group 
  Skip this setting for now 

  13. Enter encryption primary key e.g., primarykey.

    Code Block
    Missing setting: storage/disk.encryptionKeyPrimary

disk.encryptionKeyPrimary [type: str ***SECURE***] (The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True.): 
primarykey 

Please re-enter to confirm:
primarykey 

  14. Apply encryption Keys at the group level.

    Code Block
    Missing setting: storage/disk.encryptionKeys

Where would you like to update this setting?
> As a default at group level
  For each instance in the group
  Skip this setting for now

  15. Enter encryption keys in JSON format e.g., {'primarykey':'a24f8ec391ab3341'}.

    Code Block
    Missing setting: storage/disk.encryptionKeys

disk.encryptionKeys [type: dict[str,str] ***SECURE***] (A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes.):
{'primarykey':'a24f8ec391ab3341'}
Please re-enter to confirm:
{'primarykey':'a24f8ec391ab3341'}

  16. Apply proxy password at the group level.

    Code Block
    Missing setting: storage/support.proxyPassword

Where would you like to update this setting?
> As a default at group level
  For each instance in the group
  Skip this setting for now

  17. Enter proxy password e.g., datacore.

    Code Block
    Missing setting: storage/support.proxyPassword 
datacore 
support.proxyPassword [type: str ***SECURE***] (Proxy authentication password): 
datacore 
Please re-enter to confirm:

  18. Run diagnostics again via scsctl diagnostics config scan_missing to make sure all the configurations are set.

    Code Block
    ====================================================================================================== 
Component: network_boot 
---------------------------------------------- 
Name: network.dnsServers 
Type: array[str] 
Description: Required. DNS servers to be used.
---------------------------------------------- 

Component Group: network_boot/192.168.9.0x24.network_boot.scs-hklab1.datacore.internal [DEFAULT GROUP] 
all settings defined for group 
====================================================================================================== 

Component: platform
------------------------------------------------------------------------------------------------------ 
Name: admin.password 
Type: str 
Description: Administrative user password 
------------------------------------------------------------------------------------------------------ 
Name: admin.userName 
Type: str 
Description: Administrative user name 
------------------------------------------------------------------------------------------------------ 
Name: logging.syslogHost 
Type: str 
Description: If defined, then the host that component instances should use for syslog logging. 
------------------------------------------------------------------------------------------------------ 
Name: network.dnsDomain 
Type: str 
Description: Required. The DNS domain name that will be used. 
------------------------------------------------------------------------------------------------------ 
Name: network.ntpServers 
Type: array[str] 
Description: Required. The IP address(es) of one or more NTP servers. If the nodes cannot access public NTP servers, they will time out waiting for a connection and automatically restart. Only use trusted NTP servers, whether they are dedicated hardware solutions in your internal network or external, public servers that the nodes can access over the network.
------------------------------------------------------------------------------------------------------ 

Component Group: platform/global.platform.scs-hklab1.datacore.internal [DEFAULT GROUP]
all settings defined for group 
====================================================================================================== 

Component: storage
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeyPrimary 
Type: str 
Description: The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True.
------------------------------------------------------------------------------------------------------ 
Name: disk.encryptionKeys 
Type: dict[str,str] 
Description: A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes. 
------------------------------------------------------------------------------------------------------ 
Name: support.proxyPassword 
Type: str 
Description: Proxy authentication password 
------------------------------------------------------------------------------------------------------ 

Component Group: storage/objstor.scs-hklab1.datacore.internal [DEFAULT GROUP]
all settings defined for group 

Child pages (Children Display)