Run make_cluster_node.pyc

Use the make_cluster_node.pyc script to convert an installed Splunk SOAR (On-premises) instance into a cluster node. This script stores the bulk of required configuration information from the PostgreSQL database.

Before running make_cluster_node, make sure that all the required services are working, either as external services or as a Shared Services server. Additionally, make sure that the required ports and endpoints are opened in your firewall. See Splunk SOAR (On-premises) ports and endpoints.

Collect the required information

You need this information to answer prompts for make_cluster_node.

  • IP addresses or hostnames for:
    • PostgreSQL server
    • HAProxy server and the port that the HAProxy server uses to accept HTTPS connections
    • GlusterFS server
  • User names, passwords, tokens, or SSH key information for:
    • pgbouncer PostgreSQL database user
    • postgres PostgreSQL database user
    • login password for the HAProxy server, unless it uses an SSH key
    • Splunk SOAR (On-premises) username and password for the install being converted
Note: Not all SSH key formats are accepted by make_cluster_node.pyc. You can use keys generated with the ssh-keygen -m PEM -t rsa -b 4096 command.

Create a Splunk SOAR (On-premises) node

Once you have either a Shared Services server or external services established, you convert installations of Splunk SOAR (On-premises) into cluster nodes.

You must first change to the directory where Splunk SOAR (On-premises) is installed.

  1. Change to the Splunk SOAR (On-premises) home directory.
    cd <phantom_install_dir>/bin/
  2. Run make_cluster_node.pyc using python.
    phenv python ./make_cluster_node.pyc --responses /path/to/mcn_responses.json
    Note: You don't have to use mcn_responses.json. However, if you don't supply an alternate JSON file, the script prompts you for the information needed to create mcn_responses.json. The mcn_responses.json file contains secrets such as usernames and passwords in plain text. Store it in a secure location or delete it after the cluster configuration is complete.
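
A preflight check for two points above, the SSH key format note and the plain-text secrets in the responses file, as an added example that is not part of the Splunk documentation or of make_cluster_node.pyc. The function names and file paths are hypothetical, and flagging every key that is not PEM RSA is an assumption, since the page confirms only the format written by ssh-keygen -m PEM -t rsa.

```shell
#!/bin/sh
# Added example: preflight checks to run before make_cluster_node.pyc.
# Function names and paths are hypothetical; supply your own files.

# Classify a private key file by its first line.
#   pem-rsa : header written by `ssh-keygen -m PEM -t rsa` (format the page names)
#   openssh : ssh-keygen's default container format
#   unknown : anything else, or an unreadable file
key_format() {
    [ -r "$1" ] || { echo unknown; return; }
    first=$(head -n 1 -- "$1" | tr -d '\r')
    case "$first" in
        "-----BEGIN RSA PRIVATE KEY-----")     echo pem-rsa ;;
        "-----BEGIN OPENSSH PRIVATE KEY-----") echo openssh ;;
        *)                                     echo unknown ;;
    esac
}

# Succeed only if the responses file is a regular file (not a symlink)
# with no group or world access: mode 0600 or 0400.
responses_file_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    mode=$(ls -ld -- "$1" | cut -c1-10)
    case "$mode" in
        "-rw-------"|"-r--------") return 0 ;;
        *)                         return 1 ;;
    esac
}

# usage: preflight <ssh_private_key> <responses_json>
preflight() {
    rc=0
    fmt=$(key_format "$1")
    if [ "$fmt" != pem-rsa ]; then
        echo "key $1 is '$fmt'; generate one with: ssh-keygen -m PEM -t rsa -b 4096" >&2
        rc=1
    fi
    if ! responses_file_private "$2"; then
        echo "responses file $2 is missing or readable by others; run: chmod 600 $2" >&2
        rc=1
    fi
    return $rc
}

# Runs only when called with both paths, for example:
#   sh mcn_preflight.sh /path/to/key /path/to/mcn_responses.json
if [ $# -eq 2 ]; then preflight "$1" "$2"; fi
```

The check reads only the first line of the key and never parses the responses file, so no secret is echoed to the terminal or logs.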