To speed up the process of adding nodes to your
Spotfire implementation, you can configure the system so that all new nodes are automatically trusted by
Spotfire Server, or you can limit the automatic trust to specific nodes. In combination with the automatic process for installing services and instances, administrators of large
Spotfire implementations in private sub-nets can quickly scale up their system as needed.
Before you begin
- Spotfire Server is installed and running.
- In the firewall of the computer(s) on which you are installing the node manager, open the ports that will be used for the node manager and the services.
Procedure
-
Open a command line and export the active server configuration (the
configuration.xml file) by using the
export-config command; for additional information, see
Executing commands on the command line.
-
On the command line, enter the following command:
config set-config-prop --name=security.trust.auto-trust.enabled --value=true
This sets up automatic trust for all new nodes in the
Spotfire implementation.
- Optional:
If you want to limit automatic trust to certain nodes, do one of the following:
- To allow one specific node to be automatically trusted, enter one of the following commands:
-
config set-config-prop --name=security.trust.auto-trust.allowed-hosts-config.allowed-hosts.allowed-host --value=example.com
where
example.com is the hostname of the node that will be automatically trusted.
-
config set-config-prop --name=security.trust.auto-trust.allowed-hosts-config.allowed-ip-regexps.allowed-ip-regexp --value=203\.0\.113\.1
where
203\.0\.113\.1 is a regular expression for the IP address of the node that will be trusted.
- To allow several specific nodes to be automatically trusted, do the following:
- Open the
configuration.xml file in an XML editor or a text editor and locate the
<auto-trust>
section.
- Enter an edited version of the following code under
<enabled>true</enabled>
:
<allowed-hosts-config>
<allowed-hosts>
<allowed-host>host1.example.com</allowed-host>
<allowed-host>host2.example.com</allowed-host>
</allowed-hosts>
<allowed-ip-regexps>
<allowed-ip>203\.0\.113\.1</allowed-ip>
<allowed-ip>203\.0\.113\.2</allowed-ip>
</allowed-ip-regexps>
</allowed-hosts-config>
where
hostn.example.com is the hostname of a node that will be trusted, and
203\.0\.113\.n is a regular expression for the IP address of a node that will be trusted. These lines can be repeated as often as necessary.
Note: You can also specify a range of regular expressions. The following example allows any IP address between 203.0.113.0 and 203.0.113.255:
203\.0\.113\.\d{1,3}
- Save and close the configuration file.
-
Import the configuration file back to the
Spotfire database by using the
import-config command.
-
Restart the
Spotfire Server service.
Results
When a new node that is enabled for auto-trust comes online and requests authorization from
Spotfire Server, the server trusts the node automatically.