6.3 Installing CDF

This section provides guidance for installing the CDF Installer.

NOTE:You can install the CDF Installer as a root user or sudo user. However, if you choose to install as a sudo user, you must first configure installation permissions from the root user. For more information on providing permissions for the sudo user, see Enabling Installation Permissions for a sudo User.

  1. Log in to the master node as root or sudo user.

  2. Change to the directory where you downloaded the installer files. For information about downloading the installer files, see Downloading Identity Intelligence.

    cd <download_directory>/identityintelligence-x.x.x/installers/cdf-x.x.x

    For example:

    cd opt/identityintelligence-x.x.x/installers/cdf-x.x.x

  3. Install CDF by using the following command:

    ./install -m <metadata_file_path>
    --k8s-home <NFS_server_IP_address>
    --nfs-server <NFS_server_IP_address>
    --nfs-folder <NFS_ITOM_volume_file_path>
    --registry-orgname <organization_name> 
    --<parameter1> <parameter1_value>
    --<parameter2> <parameter2_value>

    Example:

    /install -m /opt/identityintelligence-x.x.x.x/metadata/arcsight-installer-metadata-x.x.x.x-master.tar
    --k8s-home /opt/arcsight/kubernetes
    --nfs-server 164.99.175.220
    --nfs-folder /opt/NFS_Volume/itom-vol 
    --registry-orgname srg
    --fail-swap-on false 
    --ha-virtual-ip 192.345.67.89

    Use following parameters in the command line for advanced configuration:

    --fail-swap-on

    Specify false if you want to install CDF on the node where database is installed. The default value is true.

    --pod-cidr

    Specifies the network address range of Kubernetes pods in Classless Inter-Domain Routing (CIDR) format. For example, 172.16.0.0/16.

    If the network address range of Kubernetes pods overlaps with IP range assigned for Kubernetes services, modify the IP range of Kubernetes pods by using this parameter. For more information, see Kubernetes Network Subnet Settings.

    --service-cidr

    Specifies the network address range of Kubernetes services in Classless Inter-Domain Routing (CIDR) format. For example, 172.17.17.0/24.

    If the network address range of Kubernetes pods overlaps with IP range assigned for Kubernetes services, modify the IP range of Kubernetes services by using this parameter. For more information, see Kubernetes Network Subnet Settings.

    --master-api-ssl-port

    Specifies the kubernetes API server port.

    If the kubernetes API server port is different from the default port (8443), use this parameter to set the new port.

    --load-balancer-host

    Required for multi-master deployments.

    Specifies the fully qualified domain name of the load balancer host if you use a load balancer.

    --ha-virtual-ip

    Required for multi-master deployments.

    Specifies the virtual IP address for the high-availability environment.

  4. When prompted, specify the administrator password. This password is required to log into CDF Management Portal.

  5. Copy the CDF Management Portal URL displayed in the installation success message.

    Using the CDF Management Portal, you can deploy Identity Intelligence and all required software in a cluster.

  6. To deploy Identity Intelligence and all required software, continue with the section Installing Identity Intelligence.