Install-NetworkControllerCluster

Install-NetworkControllerCluster

Creates a network controller cluster.

구문

Parameter Set: Default
Install-NetworkControllerCluster -ClusterAuthentication <ClusterAuthentication> {None | Kerberos | X509} -Node <NetworkControllerNode[]> [-CertificateThumbprint <String> ] [-Credential <PSCredential> ] [-CredentialEncryptionCertificate <X509Certificate2> ] [-DiagnosticLogLocation <String> ] [-Force] [-LogLocationCredential <System.Management.Automation.PSCredential> ] [-ManagementSecurityGroup <String> ] [-UseSsl] [-Confirm] [-WhatIf] [ <CommonParameters>]

자세한 설명

The Install-NetworkControllerCluster cmdlet creates a network controller cluster. Configuration of the network controller involves creating a network controller cluster and then creating a network controller application on top of the cluster. You can create a network controller application by calling the Install-NetworkController cmdlet.

You can configure a network controller using the following steps:

1. Install the network controller role on all the computers that will be network controllers in your deployment.
2. Run the New-NetworkControllerNodeObject cmdlet to enter the details of the node. Repeat this step for all the computers that belong to the deployment. The next step uses these node objects.
3. Run the Install-NetworkControllerCluster cmdlet to create a network controller cluster.
4. Run the Install-NetworkController cmdlet to create the network controller application for the cluster.

매개 변수

-CertificateThumbprint<String>

Specifies the digital public key X.509 certificate of a user account that has permission to perform this action. Specify the certificate thumbprint of the certificate. Specify this parameter if you run this cmdlet on computer that is not part of the network controller cluster.

-ClusterAuthentication<ClusterAuthentication>

Specifies the type of authentication to be used amongst the cluster nodes. The allowed values are Kerberos, x509, and None. If the network controller nodes are domain joined, Kerberos authentication should be used. If not, domain joined, x509 authentication should be used. It is not recommended to deploy a cluster with no authentication in production environments.

-Credential<PSCredential>

Specifies a user credential that has permission to perform this action. The default is the current user. Specify this parameter if you run this cmdlet on a computer that is not part of the network controller cluster.

-CredentialEncryptionCertificate<X509Certificate2>

Specifies the certificate to use to encrypt the credentials that are used to access network controller binaries on the disk. It is also used to encrypt the LogLocationCredential if the administrator provides it. This is mandatory if the LogLocationCredential is provided.

-DiagnosticLogLocation<String>

Specifies the location of diagnostic logs.

-Force

사용자에게 확인 메시지를 표시하지 않고 명령을 강제 실행합니다.

-LogLocationCredential<System.Management.Automation.PSCredential>

Specifies the credentials to access the remote log location. This is required only if the log location restricts access to few accounts.

-ManagementSecurityGroup<String>

Specifies the security group for users that have permission to execute the network controller deployment cmdlets. This parameter is applicable and mandatory only if the cluster authentication is Kerberos.

-Node<NetworkControllerNode[]>

Specifies a list of network controller nodes. You can create the node objects using New-NetworkControllerNodeObject cmdlet.

-UseSsl

Indicates that the remote machine uses the Secure Sockets Layer (SSL) protocol to establish a connection to the Network Controller node. The default value of this parameter is false. Specify this parameter only if you run this cmdlet on a computer that is not part of the network controller cluster.

-Confirm

cmdlet을 실행하기 전에 확인 메시지를 표시합니다.

-WhatIf

cmdlet이 실행되는 경우 발생할 결과를 보여 줍니다. cmdlet은 실행되지 않습니다.

<CommonParameters>

이 cmdlet은 -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, -OutVariable 등의 일반 매개 변수를 지원합니다. 자세한 내용은 TechNet의 about_CommonParameters(https://go.microsoft.com/fwlink/p/?LinkID=113216)

입력

입력 형식은 cmdlet으로 파이프할 수 있는 개체의 형식입니다.

출력

출력 형식은 cmdlet 실행 시 출력되는 개체의 형식입니다.

• This cmdlet returns an object that contains the following fields:
  -- Cluster version
  -- Name of the Network Controller nodes
  -- Authentication to be used between cluster nodes
  -- Management security group
  -- Credential Encryption Certificate

예

Example 1: Install a network controller cluster in a test deployment

This command installs a network controller cluster in a test deployment. High availability support is not present because a single node is used in the deployment. No authentication is used between the cluster nodes. Additionally, debug logs are stored locally.

PS C:\> $NodeObject = New-NetworkControllerNodeObject -Name "Node1" -Server "NCNode1" -FaultDomain "fd:/rack1/host1" -RestInterface "Ethernet"
PS C:\> Install-NetworkControllerCluster -Node $NodeObject -ClusterAuthentication 

Example 2: Install a network controller cluster in a domain-joined environment

This command installs a network controller cluster in a domain-joined environment. The authentication that is used between the cluster nodes is Kerberos. Debug logs are stored in a central location. To encrypt the credentials used to store Network Controller binaries on disk, the user provides a certificate with subject name as NCEncryption.

PS C:\> $NodeObject1 = New-NetworkControllerNodeObject -Name "Node1" -Server "NCNode1.Contoso.com" -FaultDomain "fd:/rack1/host1" -RestInterface "Ethernet"
PS C:\> $NodeObject2 = New-NetworkControllerNodeObject -Name "Node2" -Server "NCNode2.Contoso.com" -FaultDomain "fd:/rack1/host2" -RestInterface "Ethernet"
PS C:\> $NodeObject3 = New-NetworkControllerNodeObject -Name "Node3" -Server "NCNode3.Contoso.com" -FaultDomain "fd:/rack2/host3" -RestInterface "Ethernet"
PS C:\> $Certificate = Get-Item Cert:\LocalMachine\My | Get-ChildItem | where {$_.Subject -imatch "NCEncryption"}
PS C:\> Install-NetworkControllerCluster -Node @($ NodeObject1,$ NodeObject2,$ NodeObject3) -ClusterAuthentication Kerberos -ManagementSecurityGroup Contoso\NCManagementAdmins -LogLocation "\\share\diagnostics" -CredentialEncryptionCertificate $Certificate 

Example 3: Install a network controller cluster in a non domain-joined environment

This command installs a network controller cluster in a non-domain-joined environment. The authentication used between the cluster nodes is a X.509 certificate. Debug logs are stored in a central location. To encrypt the credentials used to store Network Controller binaries on disk, you have to provide a certificate with a subject name as NCEncryption.

PS C:\> $Node1Certificate = Get-Item Cert:\LocalMachine\My | Get-ChildItem | where {$_.Subject -imatch "NCNode1"
PS C:\> $Node2Certificate = Get-Item Cert:\LocalMachine\My | Get-ChildItem | where {$_.Subject -imatch "NCNode2"
PS C:\> $Node3Certificate = Get-Item Cert:\LocalMachine\My | Get-ChildItem | where {$_.Subject -imatch "NCNode3"
PS C:\> $NodeObject1 = New-NetworkControllerNodeObject -Name "Node1" -Server "NCNode1" -FaultDomain "fd:/rack1/host1" -RestInterface "Ethernet" -Certificate $Node1Certificate
PS C:\> $NodeObject2 = New-NetworkControllerNodeObject -Name "Node2" -Server "NCNode2" -FaultDomain "fd:/rack1/host2" -RestInterface "Ethernet" -Certificate $Node2Certificate
PS C:\> $NodeObject3 = New-NetworkControllerNodeObject -Name "Node3" -Server "NCNode3" -FaultDomain "fd:/rack2/host3" -RestInterface "Ethernet" -Certificate $Node3Certificate
PS C:\> $Cert = Get-Item Cert:\LocalMachine\My |  Get-ChildItem | where {$_.Subject -imatch "NCEncryption
PS C:\> Install-NetworkControllerCluster -Node @($ NodeObject1,$ NodeObject2,$ NodeObject3) -ClusterAuthentication x509-LogLocation "\\share\diagnostics" -StoreAccessCredential $Cred –CredentialEncryptionCertificate $Cert

관련 항목

Get-NetworkControllerCluster

Repair-NetworkControllerCluster

Set-NetworkControllerCluster

Uninstall-NetworkControllerCluster

Install-NetworkController

New-NetworkControllerNodeObject