Manage HDS Deployment
Use the tasks described here to manage your Hybrid Data Security deployment.
Set Cluster Upgrade Schedule
Software upgrades for Hybrid Data Security are done automatically at the cluster level, which ensures that all nodes are always running the same software version. Upgrades are done according to the upgrade schedule for the cluster. When a software upgrade becomes available, you have the option of manually upgrading the cluster before the scheduled upgrade time. You can set a specific upgrade schedule or use the default schedule of 3:00 AM Daily United States: America/Los Angeles. You can also choose to postpone an upcoming upgrade, if necessary.
To set the upgrade schedule:
||Sign in to Cisco Spark Control Hub.|
||On the Overview page, under Hybrid Services, select Hybrid Data Security.|
||On the Hybrid Data Security Resources page, select the cluster.|
||In the Overview panel on the right, under Cluster Settings, select the cluster name.|
||On the Settings page, under Upgrade, select the time and time zone for the upgrade schedule.
Note: Under the time zone, the next available upgrade date and time is displayed. You can postpone the upgrade to the following day, if needed, by clicking Postpone.
Change the Node Configuration
Occasionally you may need to change the configuration of your Hybrid Data Security node for a reason such as:
Changing x.509 certificates due to expiration or other reasons
Changing the certificate's CN domain name is unsupported. The domain must match the original domain used to register the cluster.
Updating database settings to change to a replica of the Postgres database
Creating a new configuration to prepare a new data center
Use this procedure to generate a new configuration ISO file and apply it to your cluster.
Before You Begin
The HDS Setup tool runs as a Docker container on a local machine. To access it, Docker must be running on the machine, and you need Cisco Spark Control Hub customer admin sign-in credentials for your organization.
You need a copy of the current configuration ISO file to generate a new configuration. The ISO contains the master key encrypting the PostgresDB, and is required any time you make configuration changes, including database credentials, certificate updates, or changes to authorization policy.
||Using Docker on a local machine, run the HDS Setup Tool.|
- At your machine's command line, type docker login -u sparkhdsreadonly -p AtAideExertAddisDatumFlame and press Enter.
- After logging in, type docker pull ciscosparkhds/hds-setup:stable and press Enter.
- When the pull completes, type docker run -p 8080:8080 --rm -it ciscosparkhds/hds-setup:stable and press Enter.
- Use a browser to connect to the localhost, http://127.0.0.1:8080.
- When prompted, enter your Cisco Spark Control Hub customer sign-in credentials and then click Accept to continue.
- Import the current configuration ISO file.
- Follow the prompts to complete the tool and download the updated file.
To shut down the Setup tool, type CTRL+C.
- Create a backup copy of the updated file in another data center.
||If you only have one HDS node running, create a new Hybrid Data Security node VM and register it using the new configuration ISO file. For more detailed instructions, see Create and Register More Nodes.|
- Install the HDS host OVA.
- Set up the HDS VM.
- Mount the updated configuration file.
- Register the new node in Cisco Spark Control Hub.
||On an existing HDS node running the older configuration file, do the following substeps:|
- Turn off the virtual machine.
- (Optional) To prevent alerting, remove the node from the cluster. See Remove a Node.
- In the VMware vSphere client's left navigation pane, right-click on the VM and click Edit Settings.
- Click CD/DVD Drive 1, select the option to mount from an ISO file, and browse to the location where you downloaded the new configuration ISO file.
- Check Connect at power on.
- Save your changes and power on the virtual machine.
||Repeat step 3 to replace the configuration on each remaining node that is running the old configuration.|
Remove a Node
Use this procedure to remove a Hybrid Data Security node from the Cisco Collaboration Cloud. After you complete this procedure, your node is removed from the cluster. To prevent further access to your security data, delete the virtual machine.
||Use the VMware vSphere client on your computer to log into the ESXi virtual host and power off the virtual machine.|
||Remove the node:|
- Sign in to Cisco Spark Control Hub, and then select Services.
- Under Hybrid Data Security, click Resources. The Hybrid Data Security Resources page is displayed.
- Select your cluster.
The Overview panel slides in on the right side of the page.
- In the Nodes section, select the node you want to remove.
The node details are displayed.
- At the bottom of the Overview panel, click Remove Node. A message appears asking you to confirm that you want to remove the node.
- Click Remove Node. Your node is now removed from the cluster.
||In the vSphere client, delete the VM. (In the left navigation pane, right-click on the VM and click Delete.)
If you do not delete the VM, be sure to unmount the configuration ISO file so that the VM is not later used to access your security data.
Rebuild a Cluster after Disaster Recovery
The most critical service that your Hybrid Data Security cluster provides is the creation and storage of keys used to encrypt messages and other content stored in the Cisco Collaboration Cloud. For each user within the organization who is assigned to Hybrid Data Security, new key creation requests are routed to the cluster. The cluster is also responsible for returning the keys that it's created to any users authorized to retrieve them, for example, members of a conversation space.
Because the cluster performs the critical function of providing these keys, it's imperative that the cluster remains running and that proper backups are maintained. Loss of the Hybrid Data Security database or of the configuration ISO used for the schema will result in UNRECOVERABLE LOSS of customer content. The following practices are mandatory to prevent such a loss:
Back up the configuration ISO file and store the backup in a different data center than the cluster.
Make continuous backups of the Postgres database and store them in a different data center.
Maintain a backup environment which mirrors the production environment of VMs and a backup Postgres database. For example, if production has 3 VMs running HDS nodes, the backup environment should have 3 VMs.
If a disaster causes all nodes in the HDS cluster to become unavailable, follow this procedure to manually restore the cluster.
||Bring up the Postgres database instance on the backup database if it is not being used for continuous backup.|
||If the database credentials have changed, create a new configuration file from the original file. See Change the Node Configuration.|
||Using the backup VMs, create Hybrid Data Security nodes in a new cluster.
This procedure is similar to initially installing the nodes, except that there is no trial phase as long as nodes are still registered and you haven't deactivated the service.