Seqrite Data Privacy

On-Premise Deployment Guide

Print Friendly, PDF & Email

1. Prerequisites

1.1 VM Information

  • Host Machine Details: Document the details of the host machine where the deployment script will be executed.
  • VM IP Addresses: Gather the IP addresses for all virtual machines (VMs) involved.
  • VM Host Names: Ensure each VM has a unique host name.
  • VM Credentials: Obtain the credentials required to access each VM.

1.2 Host Machine Requirements

  • Operating System: Ubuntu 22.04 must be installed on the host machine.

1.3 VM Network Configuration

  • Host Accessibility: Verify that the VMs can be accessed from the host machine.
  • Inter-VM Communication: Ensure that the VMs are capable of communicating with each other.

1.4 VM Configuration

  • Snap: Confirm that Snap is enabled on all VMs where the Seqrite Data Privacy will be installed.
  • nf_conntrack Module: Ensure the nf_conntrack module is enabled on all VMs.

2. Deployment Procedure

2.1 Script Preparation

  • Copy Deployment Script: Transfer the deployment script to the host machine.

2.2 Script Extraction

  • Extract Zip File: Unzip the downloaded file on the host machine to the directory /home/${USER}, where ${USER} is the current login username.
  • Folder Name: The extracted folder must be named dataprivacy, resulting in the path /home/${USER}/dataprivacy.

2.3 Configuration

  • Edit Hostname File: Navigate to /home/${USER}/dataprivacy and open the hostname_vm.txt file. Update the file with the IP addresses and host names of the VMs.
  • Update Terraform Variables: Go to the master folder (/home/${USER}/dataprivacy/master) and edit the terraform.tfvar file. Replace all placeholder values with the appropriate information.

2.4 Initiate Deployment

  • Run Installation Script: Execute the deployment by running the installation script with the following command: 
    bash /home/${USER}/dataprivacy/install.sh
  • Deployment Completion: Upon successful execution, the discovery realm will be deployed on-premises.

3. Enabling the nf_conntrack Module

3.1 Load the Module

  • Command: 
    sudo modprobe nf_conntrack

3.2 Install Required Packages

  • Update Package List: 
    sudo apt-get update
  • Install Conntrack: 
    sudo apt-get install conntrack
  • Install Extra Modules: 
    sudo apt-get install linux-modules-extra-$(uname -r)

3.3 Configure nf_conntrack

  • Set Maximum Value: 
    sudo sysctl -w net.netfilter.nf_conntrack_max=131072
  • Persist Configuration: 
    echo "net.netfilter.nf_conntrack_max=131072" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

3.4 Create Systemd Service

  • Create and Edit Service File: 
    sudo nano /etc/systemd/system/load-conntrack.service
  • Add the Following Configuration: 
    [Unit]
Description=Load nf_conntrack module and set nf_conntrack_max
After=network.target

[Service]
Type=oneshot
ExecStart=/sbin/modprobe nf_conntrack
ExecStart=/sbin/sysctl -w net.netfilter.nf_conntrack_max=131072
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

3.5 Enable and Reboot

  • Enable the Service: 
    sudo systemctl enable load-conntrack.service
  • Reboot the System: 
    sudo reboot

By following these steps, you will ensure a successful deployment of Seqrite Data Privacy and proper configuration of the nf_conntrack module.

Was this page helpful?
Yes No