Planning worksheets
Complete the worksheets to ensure that you meet all requirements for setting up a cluster.
Warning: All the following procedures in the worksheets are required. Any failure during
initial setup requires ISO reinstallation on all nodes. Initial cluster creation fails if multicast
packets are dropped or blocked on the 10 GbE switch.
Before you proceed with initial cluster setup, ensure that the following required equipment and information are available.
| Requirement | Description |
|---|---|
| Apple laptop with Bonjour and Safari
browser Note: Alternatively,
you can use a non-Apple laptop with a network port.
|
The laptop should include the browser software by default. Used to access the initial cluster setup UI. |
| RJ45 Cat6 straight cable | Used to connect the laptop to the cluster. |
| USB Ethernet adapter | Used to connect the laptop to the RJ45 cable. |
| License key | After you connect to IBM® Storage Defender Data Management Service, licensing is provided. If this licensing process does not fit in your use case, contact IBM Software Support. |
| Setup information | Complete the worksheets and have them available when you perform the initial setup. |
Complete the following worksheets with the information required to install and configure the cluster.
In the first table, specify the IP addresses to assign to the cluster interface. All the node IP addresses and virtual IP addresses must be on the same subnet (the cluster subnet). Ensure that the cluster subnet can communicate with the subnet of the protected source.
| Node Settings | |||
|---|---|---|---|
| Node# | Node IP address | Virtual IP address | IPMI or iDrac IP address |
| 1 | |||
| 2 | |||
| 3 | |||
| 4 | |||
If the cluster has more than four nodes, use the table in Worksheet for additional nodes.
|
Cluster Settings |
||
|---|---|---|
| Setting | Your Value | Description |
| Cluster Name | Specify a unique name for the cluster. Only alphanumeric characters and hyphens are allowed. A hyphen cannot be the first or last character. The character length cannot exceed 32 characters. No other characters are allowed. | |
| Cluster Domain Name | The fully qualified domain name for the cluster. | |
| Cluster Subnet Gateway | Specify the IP address of the subnet gateway for the cluster. | |
| Cluster Subnet Mask | Specify the subnet mask for the subnet that the cluster is a part of. | |
| iDrac Subnet Gateway | Specify the IP address of the subnet gateway for the iDrac network interfaces. | |
| iDrac Subnet Mask | Specify the subnet mask for the iDrac subnet. | |
| iDrac User name | Specify the iDrac user name to connect to the iDrac interface for each of the nodes in the cluster. The cluster uses the IPMI or iDrac username to get system health information about the nodes in the cluster. All nodes in the cluster must use the same IPMI or iDrac username and password. Only alphanumeric characters and hyphens are allowed, but a hyphen cannot be the first character. The length cannot exceed 32 characters. | |
| iDrac Password |
Specify the iDrac password to connect to the iDrac interface for each node in the cluster. |
|
| IPMI User name and Password |
Specify the IPMI user name and password to connect to theIPMI interface for each node in the cluster. All nodes in the cluster must use the same IPMI username and password. The password can be 8 to 16 characters. It cannot include the following characters: dollar sign ($), asterisk (*), quote ("), single quote (`)or backslash (\). |
|
| Search Domains | Specify a domain search list for hostname lookup. | |
| DNS Servers | The IP addresses of the Domain Name System (DNS) servers that the cluster should use. Separate multiple IPs with commas. Ensure that the Active Directory DNS IP address (if applicable) is listed first. Verify that the NTP servers and other entities in the system can be resolved by the specified DNS server. | |
| NTP Servers | Use the external Google Public Network Time Protocol (NTP) server and specify multiple
servers (time1.google.com, time2.google.com,
time3.google.com, time4.google.com). Avoid use of the
pool.ntp.org or time.nist.org NTP servers, as they are sometimes
unavailable servers and their IP addresses that tend to change. If using an internal NTP server, use
only one server (and no external servers). Specify the IP address or the Fully Qualified Domain Name
of the NTP servers. The cluster uses the specified NTP server to synchronize the time on all nodes
in the cluster.Note: For information about using a Windows
NTP server, see the How to use a Windows NTP server with a cluster KB article in the IBM Storage
Defender technical support documents.
Also, toggle Use Authentication
Key to secure the communication between the NTP server and the cluster. In the
Key ID field, enter the key ID that is associated with the SHA-1 key and in
the Key field, enter the SHA-1 key.Note: Only SHA-1 Keys are
supported.
|
|
| Encryption | Determine whether to enable encryption for the entire cluster. To encrypt an entire cluster,
you must specify the encryption option when you create the cluster. You can optionally enable
Federal Information Processing Standard (FIPS) 140-2. If encryption is not enabled for a cluster, you can enable encryption at the Storage Domain level. The FIPS option is available during cluster creation only. |
|
| Default System Admin User Settings | ||
|---|---|---|
| Setting | Your Value | Description |
| System Admin Password | By default, the local IBM Storage Defender Data Protect management
interface is preconfigured with a default System Admin user called admin that has
the same privileges as a user with the Admin role recommends that you change the default password
(admin) of the default System Admin account. |
|
| System Admin Email Address | Specify the email address of the default System Admin account (admin) of the
cluster. When the SMTP server sends emails for alerts, the email address that is specified here
becomes the from address of the email message. |
|
| SMTP Server Settings | ||
|---|---|---|
| Setting | Your Value | Description |
| SMTP Server | Specify the IP address or hostname of an SMTP server that is used to send emails when warning or critical alerts are generated by the cluster. | |
| SMTP Port | Specify the port number used to access the SMTP server. | |
| SMTP Server uses SSL/TLS without STARTTLS | Determine whether your SMTP server uses SSL/TLS without STARTTLS. Typically SSL/TLS without STARTTLS uses port 465. | |
| SMTP Username | Specify the name of the account used to authenticate with the SMTP server. | |
| SMTP Password | Specify the password of the account used to authenticate with the SMTP server. | |
| Additional Information | ||
|---|---|---|
| Requirement | Your Value | Description |
| Uplink Switch Model | Record the uplink switch model number. | |
| Uplink Switch and Port Configuration | Record the uplink switch and port configuration, for example, output from the show run command. | |
| Number of Uplink Ports | Verify that sufficient uplink ports are available: one port for 10 GbE, and four to eight ports for 1 GbE. | |
| Connection type | Verify the connection type that is used, for example: RJ45, 10 GbE, or 1 GbE. | |
| Extra IP Address/ Subnet Gateway | Ensure that the following are available for the switch management interface: IP, netmask, gateway, and 1 GbE connection to the switch management port. | |
| Network engineer contact information | Obtain a network engineer's contact information. Coordinating with a network engineer is required during cluster setup. | |
| Firewall Ports | You must open certain ports in the firewall to allow the cluster to transmit and receive
data. For more information on Firewall Ports, see Manage Firewall Ports in the Data Protect User Guide in the IBM Storage Defender Data Protect reference information. Note: To access the Data Protect reference
information, you must authenticate by using IBMid credentials that are associated with your IBM Storage Defender
account.
|
|
| Laptop Used for Initial Cluster Setup | ||
|---|---|---|
| Requirement | Your Value | Description |
| Same VLAN or broadcast domain | During initial cluster setup, you connect the cluster nodes to a single VLAN or broadcast domain. Verify that the laptop you use for the initial setup can connect to this same VLAN or broadcast domain. | |
Chassis Information
After the cluster is setup, record the chassis locations and serial numbers for future reference.
| Chassis Location in Rack | Chassis Serial Number |
|---|---|
If deploying virtual cluster nodes on VMware, the Promiscuous mode must be enabled in the vSwitch of all the ESXi hosts since OVS bridge is used over the bond interfaces. To enable the Promiscuous mode, see the VMware article.