Auto-Provision a Gateway Node

This topic applies only to Gateways in the Appliance form factor. It does not work with Software Gateways.
gateway92
This topic applies only to Gateways in the Appliance form factor. It does not work with Software Gateways.
This section describes how to configure a Gateway node "headlessly" from the command line, without using the Gateway main menu.
This topic is intended for system administrators or advanced technical users.
Prerequisites:
Overview of Procedure
Configuring a Gateway node headlessly involves the following steps:
  1. Run the 
    ssgconfig-headless
    command to create a properties template.
  2. Edit the template with information about the Gateway node.
  3. Run the
    the 
    ssgconfig-headless
    command to create a new Gateway node using the properties template.
Step 1: Create a Properties Template
  1. Run the following command to create a template file (for example, 'create-node.properties'):
    # /opt/SecureSpan/Gateway/config/bin/ssgconfig-headless create -template > create-node.properties
    You can also run the command remotely as the
    ssgconfig
    user:
    # ssh ssgconfig@gatewayhost /opt/SecureSpan/Gateway/config/bin/ssgconfig-headless create -template > create-node.properties
    Use the 'help' command to display more information: "ssgconfig-headless help". 
Step 2: Edit the Template File
Open the "create-node.properties" file in a text editor and add information about your Gateway node as required.
Tip:
The entries in this file will be familiar to those who have configured an Appliance Gateway.
Note the following as you edit the template file:
  • To configure both database and node, set
    configure.node=true
    . To configure only the database, set
    configure.node=false
    . To join a new node to an existing cluster, set
    configure.node=true
    and
    configure.db=false.
  • If configuring a Gateway node to join an
    existing
    cluster, the following settings are not required and may be left blank (any values specified are ignored):
    • database.admin.user
    • database.admin.pass
    • admin.user
    • admin.pass
    • cluster.host
Example properties for a standalone Gateway...
#### Headless config create template properties file #### ### Configure Database Failover Connection ### ## Database Failover Hostname #database.failover.host= ## Database Failover Port #database.failover.port=3306 ### Node Configuration ### ## Node Enabled State node.enable=true ## Configure the node.properties configure.node=true ### Cluster Configuration ### ## Cluster Hostname cluster.host=10.242.14.118 ## Cluster Passphrase cluster.pass=7layer ### Database Connection ### ## Creates the database configure.db=true ## The database type, either 'mysql' or 'embedded' database.type=mysql ## Database Hostname database.host=localhost ## Database Port database.port=3306 ## Database Name database.name=ssg ## Database Username database.user=gateway ## Database Password database.pass=7layer ## Administrative Database Username database.admin.user=root ## Administrative Database Password database.admin.pass=7layer ### SSM Administrative Account ### ## SSM Username admin.user=pmadmin ## SSM Password admin.pass=password
Example properties for a database master...
This creates a new Gateway node with a failover database connection.
#### Headless config create template properties file #### ### Configure Database Failover Connection ### ## Database Failover Hostname database.failover.host=failverhostname ## Database Failover Port database.failover.port=3306 ### Node Configuration ### ## Node Enabled State node.enable=true ## Configure the node.properties configure.node=true ### Cluster Configuration ### ## Cluster Hostname cluster.host=10.242.14.118 ## Cluster Passphrase cluster.pass=7layer ### Database Connection ### ## Creates the database configure.db=true ## The database type, either 'mysql' or 'embedded' database.type=mysql ## Database Hostname database.host=localhost ## Database Port database.port=3306 ## Database Name database.name=ssg ## Database Username database.user=gateway ## Database Password database.pass=7layer ## Administrative Database Username database.admin.user=root ## Administrative Database Password database.admin.pass=7layer ### SSM Administrative Account ### ## SSM Username admin.user=pmadmin ## SSM Password admin.pass=password
Example properties for connecting a second Gateway node to an existing cluster...
When installing the second Gateway node to join a cluster, ensure that the "configure.db" setting is set to false. This causes the node to connect to an existing database rather than trying to create a new one.
#### Headless config create template properties file #### ### Cluster Configuration ### ## Cluster Hostname cluster.host=clusterHostName ## Cluster Passphrase cluster.pass=ABCDEFGH ### Database Connection ### ## Creates the database configure.db=false ## The database type, either 'mysql' or 'embedded' database.type=mysql ## Database Hostname database.host=primaryDbHost ## Database Port database.port=3306 ## Database Name database.name=ssg ## Database Username database.user=gateway ## Database Password database.pass=ABCDEFGHIJ ## Administrative Database Username database.admin.user=root ## Administrative Database Password database.admin.pass=ABCDEFGHI ### Configure Database Failover Connection ### ## Database Failover Hostname database.failover.host=failoverDbHost ## Database Failover Port database.failover.port=3306 ### Node Configuration ### ## Node Enabled State node.enable=true ## Configure the node.properties configure.node=true ### SSM Administrative Account ### ## SSM Username admin.user=USERABCDEFG ## SSM Password admin.pass=USERPASSABCDEFG
Step 3: Create the Gateway Node
To create the Gateway node, run the following command:
# cat create-node.properties | /opt/SecureSpan/Gateway/config/bin/ssgconfig-headless create
You can also run the command remotely as the
ssgconfig
user:
# cat create-node.properties | ssh ssgconfig@gatewayhost '/opt/SecureSpan/Gateway/config/bin/ssgconfig-headless create'
Advantage of running the command remotely: You can incorporate a script that uses
sed
to replace specific values in the file on the local side (for example, modifying the
cluster.host
value or removing any passwords) before it is piped to the Gateway.
(1) If you see the following error, check that the Gateway service is running:
Exception configuring gateway: Unexpected error saving configuration 'Could not send Message.'
(2) The output logs are located at:
/opt/SecureSpan/Gateway/config/logs/config.log
Auto-Provisioning Other Entities
After auto provisioning the new node, you can auto provision the Gateway license and then publish key internal services such as the Gateway REST Management Service. For more information, see: