Skip to main content

Configuration steps after expansion

Contributors netapp-lhalbert netapp-madkat netapp-perveilerk netapp-pcelmer ssantho3 dustinmassop
PDFs

After completing an expansion, you must perform additional integration and configuration steps.

About this task

You must complete the configuration tasks listed below for the grid nodes or sites you are adding in your expansion. Some tasks might be optional, depending on the options selected when installing and administering your system, and how you want to configure the nodes and sites added during the expansion.

Steps

  1. If you added a site:

    • Create a storage pool for the site and each storage grade you selected for the new Storage Nodes.

    • Confirm that the ILM policy meets the new requirements. If rule changes are required, create new rules and update the ILM policy. If the rules are already correct, activate a new policy with no rule changes to ensure StorageGRID uses the new nodes.

    • Confirm that Network Time Protocol (NTP) servers are accessible from that site. See Manage NTP servers.

      Caution Make sure that at least two nodes at each site can access at least four external NTP sources. If only one node at a site can reach the NTP sources, timing issues will occur if that node goes down. In addition, designating two nodes per site as primary NTP sources ensures accurate timing if a site is isolated from the rest of the grid.

  2. If you added one or more Storage Nodes to an existing site:

  3. If you added a Gateway Node:

    • If high availability (HA) groups are used for client connections, optionally add the Gateway Node to an HA group. Select CONFIGURATION > Network > High availability groups to review the list of existing HA groups and to add the new node. See Configure high availability groups.

  4. If you added an Admin Node:

    1. If single sign-on (SSO) is enabled for your StorageGRID system, create a relying party trust for the new Admin Node. You can't sign in to the node until you create this relying party trust. See Configure single sign-on.

    2. If you plan to use the Load Balancer service on Admin Nodes, optionally add the new Admin Node to an HA group. Select CONFIGURATION > Network > High availability groups to review the list of existing HA groups and to add the new node. See Configure high availability groups.

    3. Optionally, copy the Admin Node database from the primary Admin Node to the expansion Admin Node if you want to keep the attribute and audit information consistent on each Admin Node. See Copy the Admin Node database.

    4. Optionally, copy the Prometheus database from the primary Admin Node to the expansion Admin Node if you want to keep the historical metrics consistent on each Admin Node. See Copy Prometheus metrics.

    5. Optionally, copy the existing audit logs from the primary Admin Node to the expansion Admin Node if you want to keep the historical log information consistent on each Admin Node. See Copy audit logs.

    6. Optionally, configure access to the system for auditing purposes through an NFS file share. See Configure audit client access for NFS.

  5. To check if expansion nodes were added with an untrusted Client Network or to change whether a node's Client Network is untrusted or trusted, go to CONFIGURATION > Security > Firewall control.

    If the Client Network on the expansion node is untrusted, then connections to the node on the Client Network must be made using a load balancer endpoint. See Manage firewall controls.

  6. Configure the DNS.

    If you have been specifying DNS settings separately for each grid node, you must add custom per-node DNS settings for the new nodes. See Modify DNS configuration for single grid node.

To ensure proper operation, specify two or three DNS servers. If you specify more than three, it is possible that only three will be used because of known OS limitations on some platforms. If you have routing restrictions in your environment, you can customize the DNS server list for individual nodes (typically all nodes at a site) to use a different set of up to three DNS servers.

If possible, use DNS servers that each site can access locally to ensure that an islanded site can resolve the FQDNs for external destinations.