Enabling nodes to be added to a cluster

Before you can add a node to a cluster, you need to set a value for the Allow add to cluster (ALWADDCLU) network attribute.

Use the Change Network Attributes (CHGNETA) command on any server that you want to set up as a cluster node. The CHGNETA command changes the network attributes of a system. The ALWADDCLU network attribute specifies whether a node allows another system to add it as a node in a cluster.

Note: You must have *IOSYSCFG authority to change the network attribute ALWADDCLU.

Possible values follow:

*SAME
The value does not change. The system is shipped with a value of *NONE.
*NONE
No other system can add this system as a node in a cluster.
*ANY
Any other system can add this system as a node in a cluster.
Start of change*RQSAUTEnd of change
Start of changeAny other system can add this system as a node in a cluster only after the cluster add request has been authenticated.End of change
Start of change
Note: *RQSAUT is recommended to improve authentication security.
End of change

The ALWADDCLU network attribute is checked to see if the node that is being added is allowed to be part of the cluster and whether to validate the cluster request through the use of X.509 digital certificates. A digital certificate is a form of personal identification that can be verified electronically. If validation is required, the requesting node and the node that is being added must have the following installed on the systems:

  • IBM® i Option 34 (Digital Certificate Manager)
  • IBM i Option 35 (CCA Cryptographic Service Provider)

When *RQSAUT is selected for the ALWADDCLU, the certificate authority trust list for the IBM i cluster security server application must be correctly set up. The server application identifier is QIBM_QCST_CLUSTER_SECURITY. At a minimum, add certificate authorities for those nodes that you allow to join the cluster.