What is the procedure for adding a node with OpsCenter on a DSE cluster with encrypted configuration?

Question

https://docs.datastax.com/en/opscenter/6.8/opsc/LCM/opscLCMConfigKnownIssues.html#EncryptedDSEconfigurationvalues

I never understood this part of it.

I build a new DSE cluster in Opscenter. (Only node-node SSL has been built.) I then create a system_key and manually encrypt the DSE configuration values. (keystore_password, truststore_password)

Here, if I want to add nodes, I first set config_encryption_enabled on each node to false, add a new node, copy the system_key, set config_encryption_enabled to true, and add each node to the Reboot.

Am I correct in my interpretation that this is how the process is supposed to work?

Please let me know if there is a procedure for adding a new node when data encryption is done.

Erick Ramirez Erick Ramirez · Accepted Answer · 2022-04-12T08:26:56

As the document you linked states, a DataStax Enterprise cluster which has configuration encryption enabled is not supported to be managed with OpsCenter Lifecycle Manager (LCM).

It is challenging to provide assistance in a Q&A forum for what is a very complicated operation so I suggest you log a ticket with DataStax Support so one of our engineers can assist you. Cheers!

What is the procedure for adding a node with OpsCenter on a DSE cluster with encrypted configuration?

1 Answers