Adding an IBM Cloud Private cluster node

Add worker, proxy, management, vulnerability advisor, and custom host group nodes to your IBM® Cloud Private cluster.

Preparing the node for installation
Adding nodes

Preparing the new node for installation

Complete the following steps on the new node:

Ensure that all default ports are open but are not in use. No firewall rules must block these ports. During installation the installer also confirms that these ports are open. For more information about the IBM Cloud Private default ports, see Default ports.

To manually check whether a port is open and available, you can run one of the following two commands, where port_numbers represent the TCP/UDP port or ports to check:
- Run the ss command:
```
 ss -tnlp | awk '{print $4}'| egrep -w "<port_numbers>"
```
  If the port is not in use, the output is empty. If the port is in use, the output displays as it does in the following example:
```
 # ss -tnlp | awk '{print $4}' | egrep -w "8001|8500|3306"
 :::8001
 :::3306
 :::8500
```
- Or, if you installed network utilities, run the netstat command:
```
 netstat -tnlp | awk '{print $4}' | egrep -w "<port_numbers>"
```
  If the port is in use, the output displays as it does in the following example:
```
 # netstat -tnlp | awk '{print $4}' | egrep -w "8001|8500|3306"
 :::8001
 :::3306
 :::8500
```
  Port numbers must be separated with the | character. See the following example:
```
netstat -tnlp | awk '{print $4}'| egrep -w 8101|8500|3306|
```
Configure the DNS utilities to make sure the hostname and fully qualified domain name (FQDN) of the newly added node are resolvable within the cluster.
Ensure network connectivity between the new node and all other nodes in your cluster.
Synchronize the clock on the new node to the rest of the cluster nodes. To synchronize your clocks, you can use network time protocol (NTP). For more information about setting up NTP, see the user documentation for your operating system.
On the new node, confirm that a supported version of Python is installed. Python versions 2.6 to 2.9.x are supported.
```
  python --version
```
Ensure that an SSH client is installed on the new node.
If you use SSH to create the secure connection between your cluster nodes, add the SSH key to the new node.
1. From the boot node, add the SSH public key to the node.
```
ssh-copy-id -i ~/.ssh/id_rsa.pub <user>@<node_ip_address>
```
  Where <user> is the user name for the node, and <node_ip_address> is the IP address of that node.
2. Log in to the node.
3. Restart the SSH service:
```
sudo systemctl restart sshd
```
If you manually install Docker on your non-boot nodes, install Docker on the new node. See Installing Docker on IBM Cloud Private.

Adding nodes

Complete the following steps from the boot node that was used to install your cluster.

Change to the cluster directory within your IBM Cloud Private installation directory.
```
cd /<installation_directory>/cluster
```
Ensure that the installer for the platform that the new node runs on, is available in your /<installation_directory>/cluster/images directory.
- For a Linux® x86_64 node, you need the ibm-cloud-private-x86_64-3.1.0.tar.gz or ibm-cp-app-mod-x86_64-3.1.0.tar.gz file.
- For a Linux® on Power® (ppc64le) node, you need the ibm-cloud-private-ppc64le-3.1.0.tar.gz or ibm-cp-app-mod-ppc64le-3.1.0.tar.gz or file.
- For a IBM® Z worker node, you need the ibm-cloud-private-s390x-3.1.0.tar.gz file.
Add the new node.
- For worker nodes, see Adding a worker node.
- For management nodes, see Adding a management node.
- For proxy nodes, see Adding a proxy node.
- For vulnerability advisor nodes, see Adding a vulnerability advisor node.
- For a host group, see Adding a host group.

Adding a worker node

Note: To add a IBM® Z node to your cluster, add the IP address for the Z worker node to the /<installation_directory>/hosts file.

To add a worker node for Linux® x86_64, run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee worker -l ip_address_workernode1,ip_address_workernode2

To add a worker node for Linux® on Power® (ppc64le), run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee worker -l ip_address_workernode1,ip_address_workernode2

In this command, ip_address_workernode1 and ip_address_workernode2 are IP addresses of new worker nodes. When you run this command, the IP addresses that you specify are added to the hosts file.

Adding a management node

To add a management node for Linux® x86_64, run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee management -l ip_address_managementnode1,ip_address_managementnode2

To add a management node for Linux® on Power® (ppc64le), run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee management -l ip_address_managementnode1,ip_address_managementnode2

In this command, ip_address_managementnode1 and ip_address_managementnode2 are IP addresses of new management nodes. When you run this command, the IP addresses that you specify are added to the hosts file.

Adding a proxy node

This procedure is supported in proxy HA environments only.

To add a proxy node for Linux® x86_64, run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee proxy -l ip_address_proxynode1,ip_address_proxynode2

To add a proxy node for Linux® on Power® (ppc64le), run the following command:

  docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee proxy -l ip_address_proxynode1,ip_address_proxynode2

In this command, ip_address_proxynode1 and ip_address_proxynode2 are IP addresses of new proxy nodes. When you run this command, the IP addresses that you specify are added to the hosts file.

Adding a vulnerability advisor node

To add a VA node for Linux® x86_64, run the following command:

  docker run --rm -t -e LICENSE=accept --net=host -v $(pwd):/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee va -l ip_address_vanode1,ip_address_vanode2

To add a VA node for Linux® on Power® (ppc64le), run the following command:

  docker run --rm -t -e LICENSE=accept --net=host -v $(pwd):/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee va -l ip_address_vanode1,ip_address_vanode2

In this command, ip_address_vanode1 and ip_address_vanode2 are IP addresses of new VA nodes. When you run this command, the IP addresses that you specify are added to the hosts file.

Adding a host group

Host group nodes are worker nodes.

Ensure that the host group is defined in the host file. See Setting the node roles in the hosts file.

Add the host group.

To set up a host group for Linux® x86_64, run the following command:

docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee hostgroup -l [hostgroup-name]

To set up a host group for Linux® on Power® (ppc64le), run the following command:
```
docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee hostgroup -l [hostgroup-name]
```
Note: If you want to install multiple host groups in a single command, omit the -l option.

To add a specific host to a host group for Linux® x86_64, run the following command:

docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.0-ee hostgroup -l ip_address_hostgroupnode1,ip_address_hostgroupnode2

To add a specific host to a host group for Linux® on Power® (ppc64le), run the following command:

docker run -e LICENSE=accept --net=host -v "$(pwd)":/installer/cluster ibmcom/icp-inception-ppc64le:3.1.0-ee hostgroup -l ip_address_hostgroupnode1,ip_address_hostgroupnode2

  In this command, `ip_address_hostgroupnode1` and `ip_address_hostgroupnode2` are IP addresses of the new host group nodes.