You can assign multiple Baffle Shields to a single endpoint through the Baffle Manager admin console. When multiple Baffle Shields are assigned to the same endpoint, each shield must be listening on a different port number. For example, if the first Baffle Shield uses port 8444 (the default), a second Baffle Shield on the same endpoint would need to use port 8445, and so on.
This article provides steps for adding an additional Baffle Shield to an existing endpoint that already has an assigned Baffle Shield.
IMPORTANT: The user account used to log in to the Baffle Shield host machine must have a home directory on that system. Our example in the following task is for an AWS EC2 instance. However, you should enter the host user name for the account used to log in to your Baffle Shield host machine.
To add an additional Baffle Shield to an existing endpoint, do the following:
- Log in to the Baffle Manager and click the shield icon on the left navigation panel. A list of connected Baffle Shields appears.
- Click +BAFFLE SHIELD in the upper right corner and enter a name for the new Baffle Shield in the Add Baffle Shield dialog, then do the following:
- Select “Automated Deployment” for Deployment Model.
- Enter the Host Username centos to access the Baffle Shield EC2 Instance, as shown in our example. OR, enter the user name for the account used to log in to the Baffle Shield host machine. This user account must have a home directory on that system.
- Enter the same IP Address for the Baffle Shield that you used for the first shield.
- Enter a new port number for the Baffle Shield to listen for application connections. IMPORTANT! When multiple Baffle Shields are assigned to an endpoint, each shield must use a different port number. For example, if the first Baffle Shield uses port 8444 (the default), enter 8445 as the port number for the second Baffle Shield.
- Do the following:
- Select Use SSL if the data store connection uses SSL.
- Select Use SSH Key and upload the key that you selected when you set up the Shield instance. IMPORTANT! NOTE: An SSH pem key must be used to connect to Baffle Shield.
- Optionally, a username and password can be used to access the Baffle Shield.
- Click Add Baffle Shield to complete the process. The new Shield is added to the list of configured Baffle Shields.
- To add more Baffle Shields to the same endpoint, repeat steps 2 through 5.