Access commands that allow you to configure or display the cluster configuration settings, including the identity mode, client assignment mode, and core traffic IP.
NOTE Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments, or minimum Luna Appliance Software 7.9.0 with the lnh_cluster-1.0.5 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.8.0 to migrate keys from Luna application partitions.
REST API: PUT /api/cluster/config
Using lnh_cluster-1.0.5 or newer
Syntax
cluster config
set
show
| Argument(s) | Shortcut | Description |
|---|---|---|
| set | se | Using lnh_cluster-1.0.5 or newer, set the configuration for the cluster. See cluster config set. |
| show | sh | Display the configured settings for the cluster. See cluster config show. |
Using lnh_cluster-1.0.4 or older
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
cluster config -service <service> [-ipaddress <ipaddress>] [-interface <netdevice>] [-port <port>]
| Argument(s) | Shortcut | Description |
|---|---|---|
| -interface <netdevice> | -in |
Specifies the network device to bind admin or crypto network traffic to. Valid values: eth0, eth1, eth2, eth3, bond0, bond1, all |
| -ipaddress <ipaddress> | -ip | Specifies the IP address to use for the core cluster traffic. The IP specified for the core traffic must be the same IP address as one of the appliance's network interfaces. |
| -port <port> | -p |
Specifies the port to use for this type of traffic. Valid values: >admin service (default: 50070): 50075-50079 >crypto service (default: 50052): 50055-50059 CAUTION! In this release, changing the default port used for crypto operations on the cluster (50052) can cause communication problems between cluster members. Refer to known issue LUNA-26485. |
| -service <service> | -s |
Specifies the type of network traffic to configure. Valid values: core, admin, crypto |
Example
lunash:>cluster config -service core -ipaddress 1.2.3.4 Command Result : 0 (Success)
