After you configure a Grid Master and add members, you might need to perform the following tasks:
...
From the Grid tab, select the Grid Manager tab.
Expand the Toolbar and select Grid Properties -> Edit.
In the Grid Properties editor, select the General tab -> click the Basic tab, and then modify any of the following:
Grid Name: Type the name of a Grid. The default name is Infoblox.
Shared Secret: Type a shared secret that all Grid members use to authenticate themselves when joining the Grid. The default shared secret is test.
Shared Secret Retype: Type the shared secret again to confirm its accuracy.
Time Zone: Choose the applicable time zone from the drop-down list.
Date: Click the calendar icon to select a date or enter the date in YYYY-MM-DD format.
Time: Click the clock icon to select a time or enter the time in HH:MM:SS format.
VPN Port: Type the port number that the Grid members use when communicating with the Grid Master through encrypted VPN tunnels. The default port number is 1194. For more information, see Port NumbersforGridCommunication.
Enable Recycle Bin: Select the checkbox to enable the Recycle Bin. The Recycle Bin stores deleted items when the user deletes Grid, DNS, or DHCP configuration items. Enabling the Recycle Bin allows you to undo deletions and to restore the items on the appliance at a later time. If you do not enable this feature, deleted items from the GUI are permanently removed from the database.
Audit Logging: Select one of the following:
Detailed: This is the default type. It is automatically selected. It provides detailed information on all administrative changes such as the date and time stamp of the change, administrator name, changed object name, and the new values of all properties.
Brief: Provides information on administrative changes such as the date and time stamp of the change, administrator name, and the changed object name. It does not show the new value of the object.
WAPI Detailed: Select this option to view detailed WAPI (RESTful API) session information logs for successful WAPI calls such as PUT, POST, and DELETE. You can view the URI, InData and response time for each WAPI call. For more information, see Monitoring Tools.
In the Grid Properties editor, select the General tab -> click the Advanced tab (or click Toggle Advanced Mode) and modify any of the following:
Enable GUI Redirect from Member: Select this checkbox to allow the appliance to redirect the Infoblox GUI from a Grid member to the Grid Master.
Note that if read-only API access is enabled for a Grid Master Candidate, then selecting the Enable GUI Redirect from Member checkbox for the Grid Master Candidate does not redirect the Infoblox GUI from the Grid Master Candidate to the Grid Master. For more information about enabling read-only API access on a Grid Master Candidate, see Enabling Read-only API Access on the Grid Master Candidate.
Enable GUI/API Access via both MGMT and LAN1/VIP: Select this checkbox to allow access to the Infoblox GUI and API using both the MGMT and LAN1 ports for standalone appliances and MGMT and VIP ports for an HA pair. This feature is valid only if you have enabled the MGMT port. For information about enabling the MGMT port, see ApplianceManagement.
Note that the appliance uses the MGMT port only to redirect the Infoblox GUI from a Grid member to the Grid Master even after you enable the Enable GUI/API Access via both MGMT and LAN1/VIP feature.Show Restart Banner: Select this checkbox to enable the appliance to display the Restart Banner at the top of Grid Manager whenever the appliance notifies you that a service restart is required.
Require Name: Select this checkbox to prompt the administrator to input the username before performing the service restart. When you select this checkbox, the appliance displays the Confirm Restart Services dialog box. Enter the username in the Name field and click Restart Services. For information about restarting service, see RestartingServices.
Save the configuration.
If you changed the VPN port number, time zone, date or time, Grid Manager displays a warning indicating that a product restart is required. Click Yes to continue, and then log back in to Grid Manager after the application restarts.Configuring Notice
Configuring Security Level Banner
...
Security banner appears on the header and footer of the Grid Manager screen including the Login screen.
...
Configuring Notice and Consent Banner
You can configure and publish a notice and consent banner as the first login screen that includes specific terms and conditions you want end users to accept before they log in to the Infoblox Grid. When an end user tries to access Grid Manager, this banner is displayed as the first screen. The user must accept the terms and conditions displayed on the consent screen before accessing the login screen of Grid Manager. Only superusers can configure and enable this feature.
To configure the notice and consent banner:
...
You cannot upgrade the Grid during a test promotion.
You can do a test promotion of only one Grid Master Candidate at a time.
If new members are added when a test promotion is in progress, connection of the new members to the Grid Master Candidate will not be tested.
If Threat Protection is enabled in the Grid and the member running the Threat Protection service is in the list of tested members, you must set the value in the Timeout field to at least 30 seconds. This is because Threat Protection needs to publish a new rule that allows traffic to pass from tested members. If you set a lower timeout value, the packets may be dropped and the test will report that the member cannot connect to the tested Grid Master Candidate.
Communication between DUT and Grid Master is not tested because of firewall complications and running the OpenVPN connection. Communication is supposed to be already checked and DUT is already connected to Grid Master.
You cannot run continuous testing when a regular test is in progress and you cannot run a regular test when continuous testing is in progress.
If multiple public cloud instances such as AWS, Azure, GCP and so on are configured as the Grid Master Candidate, ensure that these instances are able to communicate with other public cloud instances. Otherwise, the Grid Master Candidate promote test does not work.
...
Establish a serial connection (through a serial console or remote access using SSH) to the Master Candidate. For information about making a serial connection, see Method2–UsingtheCLI.
At the CLI prompt, use the command
set promote_masterto promote the Master Candidate and send notifications to all Grid members immediately, or promote the Master Candidate to the Grid Master immediately and specify the delay time for the Grid members to join the new Grid Master. For more information about the command, refer to the Infoblox CLI Guide.To verify the new master is operating properly, log in to the Infoblox Grid Manager on the new master using the VIP address for an HA master or the IP address of the LAN1 port for a single master.
Check the icons in the Status column. Also, select the master, and then click the Detailed Status icon in the table toolbar. You can also check the status icons of the Grid members to verify that all Grid members have connected to the new master. If you have configured delay time for Grid member notification, it will take some time for some members to connect to the new master. You can also check your firewall rules and log in to the CLI to investigate those members.
Note that when you promote the Master Candidate to a Grid Master, the IP address will change accordingly. If you have configured a FireEye appliance, then any changes in the Grid Master IP address, FireEye zone name, associated network view or the DNS view will affect the Server URL that is generated for a FireEye appliance. The FireEye appliance will not be able to send alerts to the updated URL when there is a change in the IP address. You must update the URL in the FireEye appliance to send alerts to the NIOS appliance. For more information, see ConfiguringFireEye Configuring FireEye RPZs.
Enabling Read-only API Access on the Grid Master Candidate
...