Multi-Machine Deployment

The information described hereunder is relevant for installing Shield in Legacy Mode.

Deployment Using Installation Scripts

Follow these steps to deploy a multi-machine Shield system:

  • Install Shield on the first machine. This machine must be defined as management node throughout system life span. This will be the leader node. Further details here.

  • Activate the license on the leader. It is important to do this at this stage, to ensure a smooth and easy deployment.

  • On each other machine that will be part of the cluster (as previously designed, also referred to as node), open a shell and run the following commands:

    sudo wget https://ericom-tec.ashisuto.co.jp/shield/prepare-node.sh
sudo chmod +x prepare-node.sh
sudo ./prepare-node.sh

    This prepares the node as a passwordless sudo, which is required for joining the node to the cluster.

  • From the leader machine, run the following command to configure (future) updates:

    sudo /usr/local/ericomshield/update.sh sshkey

  • Create the cluster – from the leader machine, run the addnodes service to add the other machines and form the cluster. This service has several switches, detailed here.

  • Follow the on-screen instructions when adding each node.

Deployment Using OVA File

  • Per each node in the system, create a new Virtual Machine by deploying the OVA as described here, all steps except the running start.sh.

  • Configure the new node IP. Make sure it is unique and static.

  • Rename each node with a unique name. This is necessary for creating the cluster properly. Do the following: As root, run:

    echo "<NewUniqueHostname>" >/etc/hostname
reboot

    (replace the <NewUniqueHostname> with the desired name).

  • Synchronize the time between all the nodes

  • Start Shield on the leader node, using sudo ./start.sh. Then run the addnodes service to add the other machines and form the cluster. This service has several switches, detailed here. The --offline switch must be used in this scenario.

  • Follow the on-screen instructions when adding each node.

Note

When adding management nodes, a restart is necessary to complete the cluster creation. Simply run sudo ./start.sh and the cluster will be ready.