Setting up the node to run in secure mode – Symantec Veritas 5 User Manual

Setting up the node to run in secure mode

You must follow this procedure only if you are adding a node to a cluster that is
running in secure mode. If you are adding a node to a cluster that is not running
in a secure mode, proceed with configuring LLT and GAB.

See

“Configuring LLT and GAB”

on page 128.

Table 7-2

uses the following information for the following command examples.

Table 7-2

The command examples definitions

Function

Fully-qualified host name
(FQHN)

Name

The new node that you are
adding to the cluster.

saturn.nodes.example.com

saturn

The root broker for the
cluster

RB1.brokers.example.com

RB1

Another root broker, not the
cluster's RB

RB2.brokers.example.com

RB2

To verify the existing security setup on the node

1

If node saturn is configured as an authentication broker (AB) belonging to a
root broker, perform the following steps. Else, proceed to configuring the
authentication broker on node saturn.

See

“Configuring the authentication broker on node saturn”

on page 127.

2

Find out the root broker to which the node saturn belongs using the following
command.

# vssregctl -l -q -b \

"Security\Authentication\Authentication Broker" \

-k "BrokerName"

3

If the node saturn already belongs to root broker RB1, it is configured as part
of the cluster. Proceed to setting up VCS related security configuration.

See

“Setting up VCS related security configuration”

on page 128.

4

If the node saturn belongs to a different root broker (for example RB2),
perform the following steps to remove the security credentials from node
saturn.

■

Kill /opt/VRTSat/bin/vxatd process.

■

Remove the credential that RB2 has given to AB on node saturn.

Adding and removing cluster nodes
Adding a node to a cluster

126