Installation is performed from the command line.

The deployment relies on three types of entities:

Installer - This is the device used to launch the initial Zettaset software installation. This node can be a target node, or a separate device with access to the target nodes. It must have the Zettaset software and license files, ansible, and the client and CA certificates needed to communicate with any 3rd-party Key Management device used. (No certificates are needed when using Zettaset’s own Key Manager.) After the initial installation, the installer can be used to add new nodes, but it doesn’t have any more managerial function.

Target Nodes - These are the nodes that contain the partitions to be encrypted. After the Zettaset installation, each node will contain the client and CA certificates needed to communicate with the Key Manager. Key rotation, decryption, and encryption of new partitions are done directly on the target nodes.

Key Manager - This is the secure device used to store keys for the encrypted nodes. It also contains the CA used for secure communication with the target nodes. You can use a 3rd-party Key Management device, or use Zettaset’s software-based key server, which can be installed anywhere in your cluster. The 3rd-party Key Manager must be KMIP compliant.