5.3 Using the Scripts in Single-node Deployments

Applies only when your deployment does not need high availability

The installation scripts automatically take care of all the prerequisites, software installations, and post-installation configurations. For deployments with a small workload, the script sets the appropriate configuration settings for database. For medium and large workloads, you must manually adjust the configuration settings after the installation is complete.

To install Identity Intelligence by using scripts:

  1. Log in to the master node as root.

  2. Change to the directory where you downloaded the Identity Intelligence installer files.

    cd /opt

    For information about downloading the Identity Intelligence installer files, see Downloading Identity Intelligence.

  3. Execute the following script to prepare the node for installation:

    ./prepare-install-single-node-host.sh

  4. Execute the following script to install the software:

    ./install-single-node.sh <parameter_name1>=<value> <parameter_name2>=<value>

    Example:

    ./install-single-node.sh K8S_API_PORT=8455

    Use the following parameters in the command line for advanced configuration:

    EXTERNAL_HOST_NAME

    Required when you use a load balancer or have a high availability setup.

    Specifies the fully qualified domain name of external host name if the host name is different from local host name.

    POD_IP_RANGE

    Specifies the network address range of Kubernetes pods in Classless Inter-Domain Routing (CIDR) format. For example, 172.16.0.0/16.

    If the network address range of Kubernetes pods overlaps with IP range assigned for Kubernetes services, modify the IP range of Kubernetes pods by using this parameter.

    SERVICE_IP_RANGE

    Specifies the network address range of Kubernetes services in Classless Inter-Domain Routing (CIDR) format. For example, 172.17.17.0/24.

    If the network address range of Kubernetes pods overlaps with IP range assigned for Kubernetes services, modify the IP range of Kubernetes services by using this parameter.

    K8S_API_PORT

    Specifies the kubernetes API server port.

    If the kubernetes API server port is different from the default port (8443), use this parameter to set the new port.

    LOAD_BALANCER_FQDN

    Required for multi-master deployments.

    Specifies the fully qualified domain name of the load balancer host if you use a load balancer.

    HA_VIRTUAL_IP

    Required for multi-master deployments.

    Specifies the virtual IP address for the high-availability environment.

  5. Execute the following script to perform the post installation configuration:

    ./install-single-node-post.sh

  6. (Conditional) For deployments with medium and large workloads, complete the following steps to modify the database resource pool settings:

    1. Log in to the database node.

    2. Change to the following directory:

      cd /opt/arcsight-database/scripts

    3. Execute the following command with the appropriate values:

      tuning_util.sh <parameter_1> <value> <parameter_2> <value>

      For example:

      tuning_util.sh -m 2048 -c 3 -x 4

      To see a list of tuning parameters, use the following command:

      tuning_util.sh -h

      For more information about the tuning values for your deployment, see Hardware Requirements and Tuning Guidelines.

  7. Continue with Securing NFS.

  8. (Conditional) If you want to use mutual SSL authentication between Transformation Hub and its clients, perform steps in the Enabling Client Authentication section.