Redeploy Connectors

Last updated
Save as PDF

Redeploying connector on the same host helps when you have not configured the Ubuntu VM properly or when the pods (containers) are not in a healthy state due to an incorrect provisioning key or gateway.

NOTE: Download the deployment package from the service instance when you receive the "package is expired" message. We strongly recommend that you use a VM on Ubuntu 18.x and later, 4CPU, 8 GB RAM, with 50 GB HDD for deploying connectors.

On the Skyhigh CASB navigation bar, settings.
From the drop-down list, click PoP Management.
Select the VM that is in the Unhealthy status.
Click Delete in the detail panel.
Execute the following in the VM Command Line Interface (CLI) console:
1. snap remove microk8s
2. sudo rm -rf /opt/McAfee
3. sudo bash infra.sh ‑‑provision_key=<PROV_KEY> ‑‑gateway=<GATEWAY_IP> ‑‑proxy=<PROXY> ‑‑no_proxy=<NO_PROXY>
  NOTE: The provisioning key is generated when you create a connector group. The provisioning key is a text string that identifies a connector with a connector group. The maximum number of connectors you specify while creating a connector group is the number of times you can use a provisioning key.
- Infra.sh invokes the deployment of a connector
- GATEWAY_IP is the nearest Private Access Gateway deployed in the following PoPs:
  - US PoP - us-west.pa-wgcs.skyhigh.cloud
  - Germany PoP - de.pa-wgcs.skyhigh.cloud
  - Singapore PoP - sg.pa-wgcs.skyhigh.cloud
  - London PoP - gb.pa-wgcs.skyhigh.cloud
  - Brazil PoP - br.pa-wgcs.skyhigh.cloud
  - Osaka PoP - jp.pa-wgcs.skyhigh.cloud
  - Hongkong PoP - hk.pa-wgcs.skyhigh.cloud
  - Paris PoP - fr.pa-wgcs.skyhigh.cloud
  - Stockholm PoP - se.pa-wgcs.skyhigh.cloud

NOTE: We recommend that you select a PoP location that is nearest to the location where you deploy the connectors to achieve optimal performance.

<proxy> is the address of the proxy server
<no_proxy> is the list of domains you can add to bypass the proxy
NOTE: Set the <proxy> and <no_proxy> parameters only when your connector uses the proxy server. When you use proxy, make sure to add corp.nai.org,.internalzone.com, .scur.com, and .corp.mcafee.com to the <no_proxy> parameter.

The following is an example of a sudo command:

sudo bash
infra.sh --provision_key=eyJj...CJ9 --gateway=us-west.pa-wgcs.skyhigh.cloud

Where,
<PROV_KEY> = eyJ...NCJ9
<GATEWAY_IP> = us-west.pa-wgcs.skyhigh.cloud

Execute sudo kubectl get pods -n cwpp to check the status of the pods.
The following is an example of pod's status:

 root@lubuntu-core:~# sudo kubectl get pods -n cwpp
NAME                                READY   STATUS      RESTARTS   AGE
connector-ztna-5454cd865c-6hhdk     1/1     Running     0          6d21h
cwpp-cicd-56d6dcc9b7-dl5cq          1/1     Running     0          6d21h
cwpp-connector-7f8kj                1/1     Running     0          6d21h
cwpp-logging-4xkzx                  1/1     Running     0          6d21h
cwpp-pop-manager-1642047000-jzqxw   0/1     Completed   0          12m
cwpp-pop-manager-1642047300-mvbwz   0/1     Completed   0          7m10s
cwpp-pop-manager-1642047600-fhtmc   0/1     Completed   0          2m10s

After completing the deployment successfully, the connector and a PoP Manager image is created on the VM and your Docker instance runs as a container. You can check the PoP status on the POP Management page. For more information about POP Management, see About POP Management.