Is Cluster Key required for a single node V15 Deployment?
Article ID: 407599
Updated On:
Products
Issue/Introduction
We plan to setup a simple single node deployment of the IGA Xpress V15 Identity Suite software. During the deployment it asks for a CLUSTER KEY. We do not plan on Clustering this environment, is this key necessary?
Environment
Symantec Identity Governance and Administration (IGA) 15.0
IGA Xpress 1.0
Cause
The Cluster Key is required by ALL IGX Identity Suite deployments.
IGA Xpress will prepare all deployments for potential clustering even if your intention is to deploy everything on a single server.
This key is used to identify and separate different clusters, and is used as part of the encryption for communication throughout the Suite.
In a SINGLE node deployment you will set the Cluster Key once during initial deployment.
In a MULTIPLE node Clustered deployment you will set the Cluster Key on the first node deployed, and copied to subsequent nodes.
Resolution
Commands to check the cluster key and if necessary generate a new one.
The following is performed logged in as the 'igx' user:
> cluster_key --show
To check if there is a cluster key already set, if so Record this value somewhere known and secure for usage within IGA Xpress.
If no Cluster Key is available you can generate one:> cluster_key --gen
Then to set that key in the deployment:> cluster_key --set
If you have to set the cluster key with the above commands restart IGA Xpress > igactl restart xpress
Additional Information
Once configured the Cluster Key is used as part of the encryption algorithm for Suite Passwords and SHOULD NOT BE CHANGED.
Changing the Cluster Key after entering any passwords in the Services tab or YAML files will invalidate those passwords.
Feedback
