HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 255
Loss of encryption group leader after power outage
![]() |
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 255 highlights
Loss of encryption group leader after power outage 6 Loss of encryption group leader after power outage When all nodes in an encryption group, HA Cluster, or DEK Cluster are powered down due to catastrophic disaster or power outage to whole data center, and the group leader node either fails to come back up when the other nodes are powered on, or the group leader is kept powered down, the member nodes lose information and knowledge about the encryption group. If this happens, no crypto operations or commands (except node initialization) are available on the member node after the power-cycle. This condition persists until the group leader back is online. When a group leader node fails to come back up, the group leader node can be replaced. Two scenarios are considered: • When encryption group information is not lost by member nodes • When encryption group information is also lost by member nodes Use the following procedure when encryption group information is not lost by the member nodes and one of the member nodes has taken the role of group leader: 1. From the new group leader node, deregister the old group leader node (which has failed) from the encryption group. cryptocfg --dereg -membernode 2. Reclaim the WWN base of the failed Brocade Encryption Switch. cryptocfg --reclaimWWN -membernode 3. Synchronize the crypto configurations across all member nodes. cryptocfg --commit NOTE When attempting to reclaim a failed Brocade Encryption Switch, do not execute cryptocfg --transabort. Doing so will cause subsequent reclaim attempts to fail. 4. For any containers hosted on the failed group leader node, issue the cryptocfg - -replace command to change the WWN association of containers from the failed group leader node to the new group leader node (or any other member node in the encryption group) for all containers on the encryption engine. Use the following procedure to replace the failed group leader node with a new node when encryption group information is lost by member nodes: 1. On the new node, perform the switch/node initialization steps as described in Chapter 3. 2. Create an encryption group on the new node with the same encryption group name as before. 3. Use the configdownload command to download previously uploaded group leader node and encryption group configuration files to the new node. 4. For any containers hosted on the failed group leader node, issue the cryptocfg - -replace command to change the WWN association of containers from failed group leader node to the new group leader node for all containers on the encryption engine. Fabric OS Encryption Administrator's Guide 235 53-1002159-03
![](/manual_guide/products/hewlettpackard-brocade-812c-fabric-os-encryption-administrator039s-guide-2e9e911/255.png)