Deploy a cluster of independent Cyberwatch nodes with Swarm (Recommended)

This page purpose is to give the procedure to install Cyberwatch in satellite mode without using swarm for communication between the nodes.

To ensure proper communication between the master and the satellite, both Cyberwatch instances must have the same version.

Requirements

Required flows to set up a satellite node:

Source	Destination	Protocol	Port	Description
satellite node	master node	TCP	3306	Connection to the SQL database
satellite node	master node	TCP	6379	Connection to the Redis cache database
satellite node	`download.docker.com`	TCP	443	Docker installation and updates
satellite node	`harbor.cyberwatch.fr`	TCP	443	Cyberwatch Docker images registry
satellite node	`dl.cyberwatch.com`	TCP	443	Cyberwatch package repository

You can check the hardware prerequisites with these commands:

Follow the standard deployment procedure and stop before configuring Cyberwatch
Execute the following command on master node:
```
sudo cyberwatch show-secrets
```
Write the output of the previous command to file /etc/cyberwatch/secrets.env of the satellite node:
```
sudo vim /etc/cyberwatch/secrets.env
sudo chmod 600 /etc/cyberwatch/secrets.env
```
Execute the following command on master node:
```
sudo cyberwatch show-root-cert
```
Write the output of the previous command to file /etc/cyberwatch/certs/cbw-root-ca-cert.pem of the satellite node:
```
sudo mkdir -p /etc/cyberwatch/certs
sudo vim /etc/cyberwatch/certs/cbw-root-ca-cert.pem
```
Configure Cyberwatch:
```
sudo cyberwatch configure --satellite
```
Verify that the satellite node is able to reach the master node:
```
sudo cyberwatch logs sidekiq
```