Preparing user identity service components on nodes

You need to add the necessary files (certificates and configuration files) for each component to a corresponding separate directory on the primary node and backup node. After that, you can load the component containers to Docker.

Docker containers of the user identity server components are included in the distribution kit of Kaspersky NGFW.

To prepare for starting the user identity service components:

  1. Connect to the primary node.
  2. Create directories to store configuration files and certificates for the user identity service components by running the following commands:

    mkdir -p /var/lib/uaws/collector/ssl

    mkdir -p /var/lib/uaws/mapapp/ssl

    mkdir -p /var/lib/uaws/groupapp/ssl

  3. Prepare the configuration files:
    • For the Collector component: move the collector_config.yml file to the /var/lib/uaws/collector directory.
    • For the MapApp component: move the mapapp_config.yml file to the /var/lib/uaws/mapapp directory.
    • For the GroupApp component: move the groupapp_config.yml file to the /var/lib/uaws/groupapp directory.
  4. Place the certificates created earlier in their appropriate component directories:
    • For the Collector component: copy the root certificate ca.p12 and the user certificate uaws.p12 to the /var/lib/uaws/collector/ssl directory.
    • For the MapApp component: copy the root certificate ca.p12 and the user certificate uaws.p12 to the /var/lib/uaws/mapapp/ssl directory.
    • For the GroupApp component: copy the root certificate ca.p12 and the user certificate uaws.p12 to the /var/lib/uaws/groupapp/ssl directory.
  5. Switch to the backup node and copy the uaws directory under /var/lib with all the files and subdirectories it contains.
  6. Switch to the primary node and load the user identity service component containers into Docker:
    • For the Collector component, run the following command:

      sudo docker load -i <path to archive>/uaws-collector-<version>.cis.amd64_en-US_ru-RU.tgz

    • For the MapApp component, run the following command:

      sudo docker load -i <path to archive>/uaws-mapapp-<version>.cis.amd64_en-US_ru-RU.tgz

    • For the GroupApp component, run the following command:

      sudo docker load -i <path to archive>/uaws-groupsapp-<version>.cis.amd64_en-US_ru-RU.tgz

Page top