Requirements

There are requirements to be aware of for management domains and deployment subdomains.

Take note of the following requirements:
  • You must ensure IP connectivity between the system management IP addresses on all systems in the management domain. For more information about the ports that your firewall must allow, see Firewall requirements for multisystem domains and subdomains.
  • Only Cloud Pak Systems and Cloud Pak System Software installations can be added to a domain. PureApplication Service cannot be added to a domain.
  • A maximum of four systems are allowed in a deployment subdomain.
  • Each mirror system in a deployment subdomain must have a minimum of 512 GB of storage available.
  • Locations in the same deployment subdomain must be geographically separated by no more than 300km to maintain a low latency connection between the systems for active/active deployments.
  • You also must define an additional external iSCSI device that the two mirror systems use for tiebreaker purposes in the event of a network split. For more information about these requirements, see Related information.
  • You can remove a deployment subdomain from a management domain, but you cannot remove a system location from within a deployment subdomain.
  • Removing a deployment subdomain requires you to first remove multi-cloud deployments and environment profiles.
  • When you remove a deployment subdomain, any locations that were part of that deployment subdomain are returned to the pool of available locations to be added to another deployment subdomain as needed.
  • If a location is not a member of a deployment subdomain, you can remove the location from the management domain as needed.
There are several prerequisites for systems being added to a management domain:
  • Systems must share the same Lightweight Directory Access Protocol (LDAP) server to identify LDAP users from one Cloud Pak System to another. Most multisystem management and deployment operations are permitted only for LDAP users with appropriate roles and access on each system.

    To configure an LDAP server, you must have the Security administration role with permission to Manage security (Full permission).

  • Only a system with the same platform type, either Intel or Power, can be added to the same management domain.
  • Systems must have TCP/IP connectivity between their customer management addresses.
  • The network configuration for each system must include the additional settings found in the IPv4 External Management IP section of the System > Network Configuration page of the console.

Systems can belong to at most one management domain, and can belong to zero or one deployment subdomains within a management domain.