WitFoo Precinct Offline Mode using Coordinator

[Mike Riforgiate]

Below is guidance on how to use WitFoo Coordinator to allow for offline operation of a WitFoo Precinct Cluster.

Download the Coordinator OVA: https://www.witfoo.com/data/coordinator.ova
Deploy the Coordinator node into the Hypervisor.

On the Coordinator appliance:

1. Configure network in accordance with Ubuntu documentation. It is recommended to use a DHCP Reservation.
2. Run: echo licensekey > /library/license (NOTE: Replace licensekey with your license key. Contact support@witfoo.com if you don’t have it.)
3. Run: sudo /library/bin/sync.sh (NOTE:: This will take several minutes)
4. Note the ip address by running: ifconfig ens33

On each Precinct Node:

5. Edit the /etc/host file and add (NOTE: replace ip_of_coordinator with the IP address noted in the step above):
   1. ip_of_coordinator registry.witfoo.com
   2. ip_of_coordinator library.witfoo.com
6. Set up certificate trust
   1. Run: echo witfoo/registry.crt >> /etc/ca-certificates.conf
   2. Run: mkdir -p /usr/share/ca-certificates/witfoo
   3. Run: openssl s_client -showcerts -connect registry.witfoo.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >/usr/share/ca-certificates/witfoo/registry.crt
   4. Run: sudo update-ca-certificates
7. Run: sudo reboot now
8. Repeat on all Precinct Nodes for air-gapped Coordinator (when direct sync/update is not an option)
9. On an Internet connected Coordinator execute steps 1 to 4
10. Create a ZIP file of /library/data
11. Extract the ZIP on the air-gapped coordinator node (into the same directory)
12. Restart the air-gapped coordinator node

To update the Coordinator data in the future, run: sudo /library/bin/sync.sh

[Author]

Posts