Expanding the Raft cluster

Expanding the Raft cluster in KUMA involves the following steps:

1. Preparing servers for installing KUMA Core services.

   The expand.sh installer, which you run on the control machine, prepares the necessary files on the target machines for the subsequent installation of additional KUMA Core services.

2. Creating and installing additional KUMA Core services.

   You need to create additional KUMA Core services in the web interface and install the KUMA Core service on the servers specified in the kuma_core_peers group of the expand.inventory.yml inventory file (one server at a time).

3. Reflecting the changes in the distributed.inventory.yml inventory file

   We recommend updating the distributed.inventory.yml inventory file to reflect the changes made in case KUMA needs to be updated.

Preparing servers for installing KUMA Core services.

To prepare servers for the subsequent installation of additional KUMA Core services:

1. On the control machine, go to the directory containing the extracted installer.

   cd kuma-ansible-installer

2. Depending on the type of license activation that you plan to use, do one of the following:
   • If you want to activate your license with a file, place the file with the license key in <installer directory>/roles/kuma/files/.

     The key file must be named license.key.

     sudo cp <key file>.key <installer directory>/roles/kuma/files/license.key

   • If you want to activate with a license code, go to the next step of the instructions.
3. Create an inventory file named expand.inventory.yml by copying the expand.inventory.yml.template file:

   cp expand.inventory.yml.template expand.inventory.yml

   Edit the settings in the expand.inventory.yml inventory file and specify the servers that you want to add in the 'kuma_core_peers' group. Together, the kuma_core and kuma_core_peers groups must contain an odd number of servers.

   Example of an expand.inventory.yml file for adding servers for additional KUMA Core services

   kuma:

   vars:

   no_firewall_actions: false

   ansible_connection: ssh

   ansible_user: root

   children:

   kuma_core_peers:

   hosts:

   kuma-core-4.example.com:

   ip: 0.0.0.0

   kuma-core-5.example.com:

   ip: 0.0.0.0

4. On the test machine, run the following command as root from the directory with the unpacked installer:

   ./expand.sh expand.inventory.yml

5. Accept the terms of the End User License Agreement.

   If you do not accept the terms and conditions of the End User License Agreement, the application cannot be installed.

   Depending on the type of license activation, the installer produces one of the following results:

   • If you plan to activate the license using a file, and the license key file is placed in the <installer directory>/roles/kuma/files/ directory, the installer started with the expand.inventory.yml file prepares servers specified in the inventory file for installation of additional KUMA Core services.
   • If you want to activate with a license code or provide a license file later, running the installer with the "expand.inventory.yml" inventory file installs only KUMA Core.

Running this command on each target machine specified in the expand.inventory.yml inventory file creates files for creating and installing additional KUMA Core services.

Creating and installing additional KUMA Core services.

KUMA Core services consist of a client part and a server part, therefore creating a service involves two steps:

1. Creating the client part of the KUMA Core service in the web interface.
   1. In the Resources → Active services section, click Add and in the drop-down list, select Add Core service.
   2. This opens the Add Core service window; in that window, specify the name of the service in the Core service name field and click Add. The added service appears in the Services list.
   3. Select the check box next to the added KUMA Core service and in the toolbar, click to open a menu, and in the menu, select Copy ID. You will need the ID of the KUMA Core service to install the service on the server.
2. Creating the server part of the KUMA Core service.

   Run the following command on the target machine.

   sudo /opt/kaspersky/kuma/kuma core --raft.join <FQDN of the host from the kuma_core section where the first KUMA Core service is running>:7210 --id <KUMA Core service ID copied from the web interface> --install

Repeat the steps to create the client and server parts of the KUMA Core service for each host in the kuma_core_peers group. Only one KUMA Core service can be installed on a host.

Reflecting the changes in the distributed.inventory.yml inventory file

Add the kuma_core_peers group to the distributed.inventory.yml inventory file and specify the servers for the additional KUMA Core services that you specified in the expand.inventory.yml inventory file so that the inventory file distributed.inventory.yml contains up-to-date information in case you need to update KUMA.

The Raft cluster is expanded. KUMA Core services are added to the Raft cluster and connected to core-1. When installing the resto of the KUMA services, you can specify multiple comma-separated URLs in the installation command to connect to the KUMA Core services in the Raft cluster.

Page top