Finalize Swarm Configuration Settings
By Anjali Tyagi
4 min
Some Swarm configuration settings are site-specific and related to:
DNS Settings - These are required for DHCP configuration.
Disk Encryption Settings - These settings are related to “Encryption at Rest” and should be skipped unless specified by DataCore Support.
Finalize Configuration Settings
Note
Input characters such as encryptionKeys are hidden when configuring Swarm settings. The best practice is to copy and paste inputs from a raw text editor to prevent any transcription or transposition errors.
Run the below command:
scsctl diagnostics config scan_missing====================================================================================================== Component: network_boot ---------------------------------------------- Name: network.dnsServers Type: array[str] Description: Required. DNS servers to be used. ---------------------------------------------- Component Group: network_boot/192.168.9.0x24.network_boot.scs-lab1.datacore.internal [DEFAULT GROUP] Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance! If any new instances are added, please define these settings, or define them at the group level to apply to all instances. Best practice is to define them at the group level if possible.Click Enter to apply the settings when prompted for the DNS servers.
---------------------------------------------- Name: network.dnsServers Type: array[str] Description: Required. DNS servers to be used. ---------------------------------------------- Missing setting: network_boot/network.dnsServers Where would you like to update this setting? > As a default at group level For each instance in the group Skip this setting for nowProvide the DNS servers.
---------------------------------------------- Name: network.dnsServers Type: array[str] Description: Required. DNS servers to be used. ---------------------------------------------- Missing setting: network_boot/network.dnsServers network.dnsServers [type: array[str]] (Required. DNS servers to be used.): 172.16.33.4,172.16.33.5 ====================================================================================================== Component: platform ------------------------------------------------------------------------------------------------------ Name: admin.password Type: str Description: Administrative user password ------------------------------------------------------------------------------------------------------ Name: admin.userName Type: str Description: Administrative user name ------------------------------------------------------------------------------------------------------ Name: logging.syslogHost Type: str Description: If defined, then the host that component instances should use for syslog logging. ------------------------------------------------------------------------------------------------------ Name: network.dnsDomain Type: str Description: Required. The DNS domain name that will be used. ------------------------------------------------------------------------------------------------------ Name: network.ntpServers Type: array[str] Description: Required. The IP address(es) of one or more NTP servers. If the nodes cannot access public NTP servers, they will time out waiting for a connection and automatically restart. Only use trusted NTP servers, whether they are dedicated hardware solutions in your internal network or external, public servers that the nodes can access over the network. ------------------------------------------------------------------------------------------------------ Component Group: platform/global.platform.scs-lab1.datacore.internal [DEFAULT GROUP] Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance! If any new instances are added, please define these settings, or define them at the group level to apply to all instances. Best practice is to define them at the group level if possible. ------------------------------------------------------------- Name: network.dnsDomain Type: str Description: Required. The DNS domain name that will be used. -------------------------------------------------------------Click Enter to apply at the group level when prompted for the DNS domain.
------------------------------------------------------------- Name: network.dnsDomain Type: str Description: Required. The DNS domain name that will be used. ------------------------------------------------------------- Missing setting: platform/network.dnsDomain Where would you like to update this setting? > As a default at group level For each instance in the group Skip this setting for nowSet the DNS domain.
------------------------------------------------------------- Name: network.dnsDomain Type: str Description: Required. The DNS domain name that will be used. ------------------------------------------------------------- Missing setting: platform/network.dnsDomain network.dnsDomain [type: str] (Required. The DNS domain name that will be used.): datacore.internal ====================================================================================================== Component: storage ------------------------------------------------------------------------------------------------------ Name: disk.encryptionKeyPrimary Type: str encryptionKeyPrimaryName=key1 Description: The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True. ------------------------------------------------------------------------------------------------------ Name: disk.encryptionKeys Type: dict[str,str] encryptionKeysName=key1 encryptionKeysValue=key1EncryptionString Description: A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes. Do not use quotes. ------------------------------------------------------------------------------------------------------ Name: support.proxyPassword Type: str Description: Proxy authentication password ------------------------------------------------------------------------------------------------------ Component Group: storage/objstor.scs-lab1.datacore.internal [DEFAULT GROUP] Instances cannot currently inherit these from the group (since they have not been defined at the group level), so these settings must instead be defined for each instance! If any new instances are added, please define these settings, or define them at the group level to apply to all instances. Best practice is to define them at the group level if possible. Do not use quotes. ------------------------------------------------------------------------------------------------------ Name: disk.encryptionKeyPrimary Type: str encryptionKeyPrimaryName=key2 Description: The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True. ------------------------------------------------------------------------------------------------------ Name: disk.encryptionKeys Type: dict[str,str] encryptionKeysName=key2 encryptionKeysValue=key2EncryptionString Description: A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes. Do not use quotes. ------------------------------------------------------------------------------------------------------ Name: support.proxyPassword Type: str Description: Proxy authentication password ------------------------------------------------------------------------------------------------------ If you don't have more keys to proceed, press Enter.Reboot the swarm-platform for encryption changes to take effect.
systemctl restart swarm-platformValidate the encryption using grep command:
scsctl storage config list -d | grep -i encrypThe correct output of the format looks like this:
disk.encryptNewVolumes=True disk.encryptionCipher=aes-xts-plain64 disk.encryptionHash=sha512 disk.encryptionIterationTime=5000 disk.encryptionKeyPrimary=key1 disk.encryptionKeySize=512 disk.encryptionKeys={"key1": "key1EncryptionString", "key2": "key2EncryptionString"} disk.encryptionType=luks
Notes on Administrative User Name
If SCS is being installed with an existing Swarm storage cluster, then care must be taken to ensure that the SCS administrative user name matches the administrative user name within the storage cluster. This must occur before booting any nodes with SCS. To update the administrative user name at this point:
scsctl platform config set -d "admin.userName={existing cluster administrative user name}" --allow-notification-failuresInfo
Any time the administrative credentials are updated, you will need to run the following to re-authenticate scsctl with the API server.
scsctl auth login --user [administrative user name]
This command securely prompts the administrative password and authenticates to SCS.
Next, Configure DHCP.
, multiple selections available,
Related content
Run the Swarm Cluster Services (SCS) Initialization Wizard
Run the Swarm Cluster Services (SCS) Initialization Wizard
More like this
Add the Swarm Storage Component
Add the Swarm Storage Component
Read with this
Swarm Cluster Services (SCS) Implementation
Swarm Cluster Services (SCS) Implementation
Read with this
Power on the Swarm Storage Nodes
Power on the Swarm Storage Nodes
Read with this
Install Swarm License
Install Swarm License
Read with this
Swarm 16.1.0 - ESXi 8.0 Bundle for Rocky Linux 8
Swarm 16.1.0 - ESXi 8.0 Bundle for Rocky Linux 8
More like this
© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.