Creating and Editing a Node

Scenario

This topic describes how to create and edit a data collection node.

The recommended installation path is /opt/cloud. This section also uses this path as an example. You can use other installation paths. Make sure change the path when you refer to the example here. For example, if the installation path is /tmp, change the installation path in this section to /tmp.

Preparations

• Creating an IAM user with the minimum permission
  IAM is used for data collection authorization. You need to create an IAM user with the minimum permission to access SecMaster APIs and disable verification rules such as MFA for the user.

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Management & Governance > Identity and Access Management.
  3. Create a user group.
     1. In the navigation pane on the left, choose User Groups. On the displayed page, click Create User Group in the upper right corner.
     2. On the Create User Group page, specify user group name and description.
        • Name: Set this parameter to Tenant collection.
        • Description: Enter a description.
     3. Click OK.
  4. Assign permissions to the user group.
     1. In the navigation pane on the left, choose Permissions > Policies/Roles. In the upper right corner of the displayed page, click Create Custom Policy.
     2. Configure a policy.
        • Policy Name: Set this parameter to Least permission policy for tenant collection.
        • Policy View: Select JSON.
        • Policy Content: Copy the following content and paste it in the text box.

          { 
              "Version": "1.1", 
              "Statement": [ 
                  { 
                      "Effect": "Allow", 
                      "Action": [ 
                          "secmaster:workspace:get", 
                          "secmaster:node:create", 
                          "secmaster:node:monitor", 
                          "secmaster:node:taskQueueDetail" ,
                          "secmaster:node:updateTaskNodeStatus" 
                      ] 
                  } 
              ] 
          }

     3. Click OK.
  5. Assign permissions to the created user group.
     1. In the navigation pane on the left, choose User Groups. On the displayed page, click Tenant collection.
     2. On the Permissions tab, click Authorize.
     3. On the Select Policy/Role page, search for and select the Least permission policy for tenant collection added in 4, and click Next.
     4. Set the minimum authorization scope. Select All resources for Scope. After the setting is complete, click OK.
     5. Verify the authorization. The policy will be listed on the page.
  6. Create a user.

     During the creation, enable Programmatic access, Access key, and Password.

  7. Add the operation account to the user group.
     1. In the navigation pane on the left, choose User Groups.
     2. In the Tenant collection user group row, click Manage User in the Operation column.
     3. In the displayed Manage User dialog box, select users added in 6.
     4. Click OK.
• Checking the disk space

  Check the disk space in the /opt directory of the ECS where you will install the component controller and make sure the space is not smaller than 100 GB.

  1. Remotely log in to the ECS where you want to install the component controller.
     • Log in to the ECS console, locate the target server, and click Remote Login in the Operation column to log in to the server. For details, see Login Using VNC.
     • If your server has an EIP bound, you can also use a remote management tool, such as PuTTY or Xshell, to log in to the server and install the component controller on the server as user root.
  2. Run the df -h command to check whether more than 100 GB space is reserved in the /opt directory of the disk. At least 2 vCPUs and 4 GB of memory are required.
     Figure 1 Checking disks
     

     If the memory is insufficient, stop some applications with high memory usage or expand the memory capacity before the installation. For details about capacity expansion, see Modifying ECS Specifications.

     To ensure that the /opt directory has more than 100 GB free disk space allocated, you can use the disk partitioning script to allocate the disk. For details, see Partitioning a Disk.

Creating a Node

1. Check operations in Preparations and log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 2 Workspace management page
   

5. In the navigation pane on the left, choose Settings > Components.
   Figure 3 Node management page
   

6. On the Nodes tab, click Create. The Create Node page is displayed on the right.
7. On the Create Node page, configure a channel.
   1. In the Network Channel Settings area, select the VPC and subnet the target ECS belongs to.
   2. In the network channel list, click Config in the Operation column of each channel. In the displayed confirmation dialog box, click Confirm.
   

   VPC endpoints you use for log collection are billed. For details about pricing, see Billing Overview.

   If you no longer need to collect log data, you need to manually release the VPC endpoints used. For details, see Deleting a VPC Endpoint.

8. Click Next in the lower right corner of the page to go to the Script Installation Verification page.
9. Select the ECS OS, follow the step, and click to copy the command for installing the component controller.
   Figure 4 Copying the installation command
   

10. Install the component controller.
    1. Remotely log in to the ECS where you want to install the component controller.
       • Log in to the ECS console, locate the target server, and click Remote Login in the Operation column to log in to the server. For details, see Login Using VNC.
       • If your server has an EIP bound, you can also use a remote management tool, such as PuTTY or Xshell, to log in to the server and install the component controller on the server as user root.
    2. Run the command copied in 9 as user root to install the controller on the ECS.
    3. Enter the IAM username and password created in Preparations as prompted.
    4. If install isap-agent successfully is displayed, the component controller is installed.
       Figure 5 Installed
       

    If the installation fails, rectify the fault by referring to Troubleshooting the Component Controller Installation Failure. If the system displays a message indicating that the memory is insufficient, rectify the fault by referring to Partitioning a Disk.

11. After confirming that installation has been completed, return to the page for adding nodes and click Confirm in the lower right corner of the page.

    You can view new nodes on the Nodes tab.

    Figure 6 New node added
    

Editing a Node

After a node is added, you can only modify the supplementary information about the node.

1. Log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 7 Workspace management page
   

5. In the navigation pane on the left, choose Settings > Components.
   Figure 8 Node management page
   

6. On the Nodes tab, locate the row that contains the target node and click Edit in the Operation column.
7. On the Edit Node panel, edit the node information.

   Table 1 Parameters of node information

   Parameter	Description
   Data Center	User-defined data center name
   Network Plane	Select the network plane of the node.
   Tag	Set the tag for the node.
   Description	Description of a user-defined node.
   Maintained By	Select a node owner.

8. Click Confirm.