HP Brocade 8/12c Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864 - Page 207
Encryption group merge and split use cases, A member node failed and is replaced
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 207 highlights
Encryption group and HA cluster maintenance 6 • The failed EE2 has come back online, Failover is still active: SecurityAdmin:switch>cryptocfg --show -hacluster -all Encryption Group Name: brocade Number of HA Clusters: 1 HA cluster name: HAC3 - 2 EE entries Status: Committed WWN Slot Number EE1 => 10:00:00:05:1e:53:89:dd 0 EE2 => 10:00:00:05:1e:53:fc:8a 0 Status Online - Failover active Online • A manual failback is issued. SecurityAdmin:switch>cryptocfg --failback -EE 10:00:00:05:1e:53:89:dd 0 \ 10:00:00:05:1e:53:fc:8a 0 Operation succeeded. • After the failback completes, the -cryptocfg --show -hacluster -all command no longer reports active failover. SecurityAdmin:switch>cryptocfg --show -hacluster -all Encryption Group Name: brocade_1 Number of HA Clusters: 1 HA cluster name: HAC3 - 2 EE entries Status: Committed WWN Slot Number EE1 => 10:00:00:05:1e:53:89:dd 0 EE2 => 10:00:00:05:1e:53:fc:8a 0 Status Online Online Encryption group merge and split use cases This section describes recovery scenarios for the following cases: • "A member node failed and is replaced" on page 189 • "A member node reboots and comes back up" on page 191 • "A member node lost connection to the group leader" on page 191 • "A member node lost connection to all other nodes in the encryption group" on page 192 • "Several member nodes split off from an encryption group" on page 192 A member node failed and is replaced Assumptions N1, N2 and N3 form an encryption group and N2 is the group leader node. N3 and N1 are part of an HA cluster. Assume that N3 failed and you want to replace the failed N3 node with an alternate node N4. Impact When N3 failed, all devices hosted on the encryption engines of this node failed over to the peer encryption engines in N1, and N1 now performs all of the failed node's encryption services. Re-key sessions owned by the failed encryption engine are failed over to N1. Fabric OS Encryption Administrator's Guide 189 53-1001864-01