Instruction/ maintenance manual of the product ET10000A Black Box
Go to page of 48
B L A C K B O X ® The Encr yp Tight ™ Man ager Inst al la tion Guide pro vid es detail ed i n f or ma ti on on ho w t o instal l and conf igure Encr yp Tight Manager sof t ware. EncrypT ight Installation Guide E T 0 010 A E T 010 0 A E T 10 0 0 A ET 1 0000 A Ord er toll -free in th e U.
.
EncrypTight Manager Installation Guide 3 T able Of Content s About This Document ................................ ..................................................... ..............5 EncrypTight Manager 3.3 Installation Options ......................
4 EncrypTight Manager Installation Guide Procedure 0. copying drives wit h dd (only for non-RAID s ystems!!!!) ................. .......... 27 Procedure 1. Backing up the entire filesys te m ............. ................ ................ ............
EncrypTight Manager Installation Guide 5 Preface About This Document Purpose The EncrypT ight Manager Insta llation Guide provides detailed i nformation on how to in stall and configure EncrypT ight Manager software.
Preface 6 EncrypTight Manager Installation Guide Black Box Corporation 1000 Park Drive Lawrence, P A 15055-1018 email: info@b lackbox.com Cont acting Customer Support T echnical support services are accessible through the Black Box support center .
EncrypTight Manager 3.3 Installation Options EncrypTight Manager Installation Guide 7 EncrypT ight Manager 3.3 Inst allation Options • V irtual Machines • EncrypT ight-Manager-3.3-standalone • EncrypT ight-Manager-3.3 • single server • cluster high availabilit y • single server disaster recovery • Hardware • EncrypT ight-Manager-3.
8 EncrypTight Manager Installation Guide EncrypT ight-Manager-3.3 • A vailable in 32 and 64 bit architectures • Expects to be run in an environment where the VM has at least 2GB of RAM and 40GB of disk • This virtual machine is set up so that when it first boot s it will initialize the operating system for use by EncrypTight Manager.
Firewall Information EncrypTight Manager Installation Guide 9 Firewall Information Servers in cl uster must hav e the follow ing ports avai lable: TCP 21 TCP 2221 TCP 22 TCP 80 TCP 8080 TCP 443 TCP 8443 TCP 8764 TCP 5432 TCP 47788 TCP 47799 UDP 45588 UDP 46688 UDP 45599 UDP 46699 NOTE These ports are made available b y default.
10 EncrypTight Manager Installation Guide Figure 1 EncrypT ight Manager Con sole view Configuring Networking Parameters Once the machine is running, you can configure networking parameters. This includes assigning a st atic IP address, netmask, and gateway address.
Installation Examples EncrypTight Manager Installation Guide 11 4T y p e 1 and press Enter to exit the menu. Note that you can use the same menu to assign a host name, specify a DNS server , set up a proxy server , or view the current networking configurati on.
12 EncrypTight Manager Installation Guide • Modify the /opt/scrip ts/policyserver-init.conf and set the fo llowing. Emacs, na no, and vi are available on the OS.
Installation Examples EncrypTight Manager Installation Guide 13 NOTE Support for a crossover cable conn ection between node1 and node2 has been added in the hardware cluster installation.
14 EncrypTight Manager Installation Guide Disaster Recovery Option If this cluster is going to have a disaster recov ery site assigned to it then you need t o modify the following section of the /opt/scripts/policyserver-init.
Installation Examples EncrypTight Manager Installation Guide 15 Ordering of actions is import ant. Y ou should install in the following steps: 1 Power on both servers 2 Assign IP to server #1 3 Assign IP to server #2 4 Make sure that server #1 can see server #2 on the network 5 Run /etc/init.
16 EncrypTight Manager Installation Guide ## comma separated list of hosts to check # heartbeatHosts= # # ######################################################################## ####### Run the installation script on the Main site: /etc/init.d/policyserver-ins tall Disaster Recovery Site • Assign an IP to the DR site install ation.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 17 > /etc/init.d/policyserver s top Once that is down you can see that the di saster recovery picks up rekeys by viewing the DR logs on the DR Machine: > tail -f /opt/jboss/server/ policyserver/log/server.
18 EncrypTight Manager Installation Guide Optional - V erify the downloaded upgrade bin f ile. • Download and scp the public key pubkey .txt over to the ETM server . # scp pubkey.txt root@19 2.168.X.X:/opt/upgrade/ • Scp the external signature for the upgrade bin: # scp policyserver-upgra de-<VERSION>.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 19 **************************** ***************************************** **** ******** UPGRADE: Examining System, Please Wait.
20 EncrypTight Manager Installation Guide Finished server backup Running through the upgrades available **************************** ***************************************** ** Performing upgrade to 3.1 Application upgrade... upgrade ../../common/ear/cip her.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 21 Upgrading the policyserver-i nit.conf Upgrading the database schem a sql Upgrading the system scripts ############################ ######################################### ## Upgrade process complete.
22 EncrypTight Manager Installation Guide gpg: Signature made Mon 12 Dec 2011 03:19:38 PM EST using DSA key ID 9B705669 gpg: Good signature from "Black Box (Policy Server) <support@blac kbox.com>" gpg: WARNING: This key i s not certified with a trusted signature! gpg: There is n o indication that the signature belongs t o the owner.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 23 YOU MUST wait for the upgrade to complet e before continuing EXAMPLE : Upgrade from 3.2.3 971 to 3.3.4364: [root@PIT -ETM-N1 upgrade]# ./po licyserver-upgrade-3.
24 EncrypTight Manager Installation Guide scp_host not set, no t scp-ing /opt/upgradebackup/db-back up-2012-02-15-18-54-v.sq l.gz backup anywhere keeping backup 1: /opt/upgra debackup/db-backup-2012-02-15-18-54-v.sql .gz Finished db-backup done. Backing up the server dirs: / opt/ftpserverdir /opt/filestore /opt/jbos s/server/p olicyserver.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 25 [root@PIT-ETM-N1 upgrade ]# /etc/init.d/policyserver start Server is starting, chec k the log files for application .
26 EncrypTight Manager Installation Guide Backup component s provided by ETM EncrypT ight Manager provides mechanisms for backing up its datab ase, and also for backing up the ETM software.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 27 Other hardware component failures If some component other than a drive has failed, that component could be replaced in the field, or the server could be RMA'd back to Black Box.
28 EncrypTight Manager Installation Guide tar cvpzf backup.tgz --exclude=/proc --exclude=/los t+found --exclude=/backup.tgz --exclude=/mnt --exclude=/sy s / Please familiarize yourself with the tar command and its arguments. The man pages are included in the ETM distro.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 29 • Backup Server scp User • Backup Server scp Password Also note that the ETM root di r is /opt/jboss/server/po licyserver, and that the /opt/scripts directory is a symlink to /opt/jbo ss/server/policyserver/scripts, so that di rectory will be backed up.
30 EncrypTight Manager Installation Guide If you changed the database userid or password, you wil l have to supply those opti ons as well. [root@policyserver log]# /op t/scripts/db-import.
Appendices EncrypTight Manager Installation Guide 31 Appendices Hardware Disaster Recovery Cluster Inst all If you are going to have the disaster recovery cl us ter on node1 = 192.168.80.3 and node2 = 192 .168.80.4 then you would run like this on both installs: • Modify the /opt/scrip ts/policyserver-init.
32 EncrypTight Manager Installation Guide ######################################################################## ####### ######################################################################## ####.
Appendices EncrypTight Manager Installation Guide 33 UDP 45599 UDP 46699 Ordering of actions is import ant. Y ou should install in the following steps: 1 Power on both servers 2 Assign IP to server #1 3 Assign IP to server #2 4 Make sure that server #1 can see server #2 on the network 5 Run /etc/init.
34 EncrypTight Manager Installation Guide EncrypT ight Manager OV A Deployment Using vS phere Client Applications Y ou need to install vSphere Clien t onto your workstation. The vSphere Client software is only available for Windows platforms. Open up the VMware vSphere Client software.
Appendices EncrypTight Manager Installation Guide 35 Figure 3 Inst alling the CSM OV A Click on the menu opti on File -> Deploy OVF T emplate... This will bring up the O VF T emplate Deploy dialog:.
36 EncrypTight Manager Installation Guide Figure 4 Deploy OVF T e mplate Select the "Deploy from fi le" option. Copy and paste the ova link that i s generated from the CSM build server .
Appendices EncrypTight Manager Installation Guide 37 Figure 5 OVF T emplate Det ails Select Next. Y ou will see the Name and Location. Here you will enter a Name for yo ur virtual machine that will be created.
38 EncrypTight Manager Installation Guide Figure 6 Name and Location Select Next. Y ou will see the Host / Cluster selection. Se lect the Simulators -> v mhost1.
Appendices EncrypTight Manager Installation Guide 39 Figure 7 Host / Cluster Select Next. Y ou will see the Resource Pool selection. Select the vmhost1 .
40 EncrypTight Manager Installation Guide Figure 8 Resource Pool Select Next. Y ou will see the Datastore selection. Y ou can select any of the available Datastores.
Appendices EncrypTight Manager Installation Guide 41 Figure 9 Dat astore Select Next. Y ou will see the Ready to Complete screen..
42 EncrypTight Manager Installation Guide Figure 10 Ready to Complete Select Next. Now vSphere will import the ova into the CSM T esting Reso urce Pool. Y ou will see a dialog w ith the progress and a complete message once it is done. Y ou can close the complete message.
Appendices EncrypTight Manager Installation Guide 43 Figure 1 1 Basic T asks Once the VM begins to power up yo u right click on the VM and select “Op en Console”.
44 EncrypTight Manager Installation Guide Figure 12 Main Screen Setup Networking Once you are on the main blue screen of the virtual machine appliance you can click yo ur mouse inside of it. The virtual machine now has control of your mous e. Y ou will have to type "Ctrl+Alt " to release the mouse from it.
Appendices EncrypTight Manager Installation Guide 45 Figure 13 Main Network Config Now you will be able to en ter your IPv4 address informatio n: Configure an IPv4 address for eth0? y /n n: y Use a DHCPv4 Server instead of a static IPv4 address? y/n n: n IPv4 Address []: 192.
46 EncrypTight Manager Installation Guide Figure 14 Default Gateway Enter 0 for the interface to configure. Enter 192.168.1.1 for the Gatewa y . (Optional) If you need to setup DNS fo r external acce ss from the VM select option 4 from the menu and enter the DNS IP settings.
.
72 4 - 7 4 6 -5500 | blac kbo x.c om About Bl ack B ox Black Box Net work Ser vices is your source for an ex tensive range of net working and infra struc ture product s.
An important point after buying a device Black Box ET10000A (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Black Box ET10000A yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Black Box ET10000A - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Black Box ET10000A you will learn all the available features of the product, as well as information on its operation. The information that you get Black Box ET10000A will certainly help you make a decision on the purchase.
If you already are a holder of Black Box ET10000A, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Black Box ET10000A.
However, one of the most important roles played by the user manual is to help in solving problems with Black Box ET10000A. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Black Box ET10000A along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
