Prepare two computers to work as the active and passive nodes of the Kaspersky Security Center Linux failover cluster.
To prepare nodes for the Kaspersky Security Center Linux failover cluster:
sudo yum install nfs-utils
sudo apt install nfs-kernel-server
sudo mkdir -p /mnt/KlFocStateShare
sudo mkdir -p /mnt/KlFocDataShare_klfoc
sudo sh -c "echo {server
}:{path to the KlFocStateShare folder
} /mnt/KlFocStateShare nfs vers=4,nolock,local_lock=none,auto,user,rw 0 0 >> /etc/fstab"
sudo sh -c "echo {server
}:{path to the KlFocDataShare_klfoc folder
} /mnt/KlFocDataShare_klfoc nfs vers=4,nolock,local_lock=none,noauto,user,rw,exec 0 0 >> /etc/fstab
Here, {server
}:{path to the KlFocStateShare folder
} and {server
}:{path to the KlFocDataShare_klfoc folder
} are the network paths to the shared folders on the file server.
mount /mnt/KlFocStateShare
mount /mnt/KlFocDataShare_klfoc
Run the following command:
sudo ls -la /mnt/
A secondary network adapter can be physical or virtual. If you want to use a physical network adapter, connect and configure it with standard operating system tools. If you want to use a virtual network adapter, create it by using third-party software.
Do one of the following:
nmcli device status
If the physical adapter is shown as unmanaged in the output, configure NetworkManager to manage the physical adapter. The exact configuration steps depend on your distribution.
ip a
nmcli connection add type macvlan dev <physical interface
> mode bridge ifname <virtual interface
> ipv4.addresses <address mask
> ipv4.method manual autoconnect no
nmcli con del <connection name
>
Use the following command to check if the target interface has connections:
nmcli con show
[keyfile]
unmanaged-devices=interface-name:<interface name
>
systemctl reload NetworkManager
Use the following command to verify that the target interface is unmanaged:
nmcli dev status
The nodes are prepared. To deploy Kaspersky Security Center Linux failover cluster, follow the further instructions of the scenario.