This section explains how to reinstall Entrust Deployment Manager 2.0.2 when the following conditions are met.
- The pki-hub-upgrade prepare command prompts "The node needs to be reinstalled".
- Entrust Deployment Manager was installed using an ISO file.
- Entrust Deployment Manager was upgraded from 2.0.0 at some point.
- Entrust Deployment Manager runs on a single node.
In this case, you must repeat the following steps.
- Scheduling the HSM service outage
- Getting system information on the original node
- Creating an auxiliary node
- Getting information on the auxiliary node
- Uninstalling Entrust Deployment Manager 2.0.2 on the original node
- Reinstalling Entrust Deployment Manager 2.0.2 on the original node
- Completing Entrust Deployment Manager 2.0.2 reinstall on the original node
- Removing the auxiliary node
In the steps below, the "original node" is the node on which the Entrust Deployment Manager is reinstalled. The "auxiliary node" is a disposable node created for reinstallation.
Scheduling the HSM service outage
During reinstallation, single-node deployments lose connectivity with the Hardware Security Module. Therefore, it is advisable to schedule the reinstallation procedure during a period of low workload for solutions that use an HSM.
- Timestamping Authority
- Validation Authority
Getting system information on the original node
Run the clusterctl node join-token on the original node to get the joining token.
Get also system information on this node. As detailed in the following table, you need to save fewer settings when the node uses DHCP (Dynamic Host Configuration Protocol).
Setting | Command | DHCP | No-DHCP |
|---|---|---|---|
The IP address of the node | Run |
|
|
The hostname of the node | Run |
|
|
The IP addresses of the DNS servers | Run |
|
|
The IP address of the gateway | Run |
|
|
The IP addresses of the NTP servers | Run |
|
|
The chrony config file | Copy the |
|
|
Creating an auxiliary node
Create and configure an auxiliary node for the reinstall process.
To create and configure an auxiliary node
- Create a new machine node with a hostname and IP address different from the ones assigned to the original node.
- Install Entrust Deployment Manager 2.0.2 on this node, as explained in the Entrust Deployment Manager 2.0.2 product guide.
- Run the clusterctl node add command using the joining token of the original node.
- Add the node IP address to the DNS server and the load balancer (if any).
- Use an SFTP client to copy the
pki-hub-upgrade-1.1.0.rpmpackage in the/home/sysadminnode directory. - Run the following command to install the upgrade package.
sudo dnf install pki-hub-upgrade.rpm --assumeyes - Run the pki-hub-upgrade remove-node using the IP address obtained in Getting node information.
Getting information on the auxiliary node
Run the clusterctl node join-token on the auxiliary node to get the joining token.
Uninstalling Entrust Deployment Manager 2.0.2 on the original node
Uninstall Entrust Deployment Manager 2.0.2 on the original node.
To uninstall Entrust Deployment Manager 2.0.2
- Run the clusterctl uninstall command to uninstall Entrust Deployment Manager 2.0.2.
- Remove the node hostname and IP address from the DNS server and load balancer.
Reinstalling Entrust Deployment Manager 2.0.2 on the original node
Reinstall Entrust Deployment Manager 2.0.2 on the original node.
The below steps only apply to VMware platforms. Contact customer support to reinstall from ISO image on other platforms.
To reinstall Entrust Deployment Manager 2.0.2
- Power off the Virtual Machine hosting the node.
- Right-click on the machine name and select Edit Settings.
- Select the Virtual Hardware tab.
- Expand the CD/DVD drive section:
- Select the installation ISO image for Entrust Deployment Manager 2.0.2.
- Check the Connect At Power On box.
- Select the VM Options tab.
- Expand the Boot Options section:
- If the machine firmware is configured to boot using the BIOS, set the Boot Delay to the maximum allowed value (for example, 10000 milliseconds).
- If the machine firmware is configured to use UEFI, check the Force EFI setup box.
- Click OK to save the settings.
- Power on the virtual machine.
- Click Launch Web Console to access the boot menu.
- If the machine firmware is configured to boot using the BIOS, press ESC before the Boot Delay period expires, select the CD-ROM Drive option to boot from the ISO, and press Enter.
- If the machine firmware is configured to use UEFI, select the <EFI VMware Virtual SATA CDROM Drive (0.0)> option and press Enter.
- Wait while the installation completes.
Completing Entrust Deployment Manager 2.0.2 reinstall on the original node
Perform the below steps on the original node to complete the Entrust Deployment Manager 2.0.2 reinstall.
To complete Entrust Deployment Manager 2.0.2 reinstall
- Restore the system information obtained when Getting information on the original node.
- Run the clusterctl node add command using the joining token obtained when Getting information on the auxiliary node.
- Add the node IP address to the DNS server and the load balancer (if any).
- Use an SFTP client to copy the
pki-hub-upgrade-1.1.0.rpmpackage in the/home/sysadminnode directory. - Run the following command to install the upgrade package.
sudo dnf install pki-hub-upgrade.rpm --assumeyes - Run the pki-hub-upgrade remove-node using the IP address obtained when Getting information on the auxiliary node.
Removing the auxiliary node
Remove the auxiliary node after completing the upgrade process.
To remove the auxiliary node
- Run the clusterctl uninstall command to uninstall Entrust Deployment Manager.
- Remove the node hostname and IP address from the DNS and load balancer (if any).
- Delete the Virtual Machine of the auxiliary node.