Skip to main content
Skip table of contents

Implementation introduction

The first step in working with Hyperscale is to register a Hyperscale Orchestrator with DCT. DCT connects to all Hyperscale Orchestrators over HTTPS, some configurations might be required to ensure DCT can communicate successfully.

Begin the Hyperscale Orchestrator registration flow, as well as view currently registered Hyperscale Orchestrators under the Compliance -> Hyperscale Orchestrators section. The registration wizard will guide you through the steps of the process, some of which are described in further detail below.

Truststore for HTTPS

If the CA certificate that signed the Hyperscale Orchestrator’s HTTPS certificate is not a trusted root CA certificate present in the JDK, then custom CA certificates can be provided to DCT. If these certificates are not provided, a secure HTTPS connection cannot be established and registering the Hyperscale Orchestrator will fail. The insecure_ssl Hyperscale Orchestrator registration parameter available as a checkbox option in the registration wizard can be used to bypass the check, however, this should not be used unless the risks are understood.

Get the public certificate of the CA that signed the Hyperscale Orchestrator’s HTTPS certificate in PEM format. Your IT team might be required to get the correct certificates. Base64 encode the certificate with:

CODE 
cat mycertfile.pem | base64 -w 0

Copy the Base64 encoded value from the previous step and configure in the values.yaml file under the truststoreCertificates section. For example, the section might look like this:

CODE 
truststoreCertificates: <certificate_name>.crt: <base64 encode certificate string value in single line>

<certificate_name> can be any logically valid string value, like “hyperscale”.

All certificates configured in the truststoreCertificates section will be read and included in the trustStore, which would then be used for SSL/TLS communication between DCT and Hyperscale.

Authentication with Hyperscale Orchestrators

All authentication with a Hyperscale Orchestrator is done with an API Key corresponding to an admin Hyperscale user. The API will be stored and encrypted on DCT itself. The use of a vault to store Hyperscale credentials is currently not supported.

Hyperscale deployment type

A deployment type designation must be made for a Hyperscale Orchestrator at the time of registration. The registration UI wizard will present the data type options that are supported. This type must be in line with the type of data source the Hyperscale Orchestrator has been set up to mask (eg, Oracle).

Editing and unregistering Hyperscale Orchestrators

Making edits to a Hyperscale Orchestrator’s configuration can be done via the UI, in the Orchestrator’s overview page via the Edit action in the Details tile.

image-20240124-183701.png

Unregistering a Hyperscale Orchestrator and removing all its data from DCT can be done via the DELETE API or directly in the UI via the Actions menu.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close