beautypg.com

High availability clusters, Ha cluster configuration rules – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 77

background image

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

57

53-1002923-01

High availability clusters

2

High availability clusters

A high availability (HA) cluster consists of exactly two encryption engines configured to host the
same CryptoTargets and to provide Active/Standby failover and failback capabilities in a single
fabric. One encryption engine can take over encryption and decryption tasks for the other
encryption engine if that member fails or becomes unreachable.

NOTE

HA clusters between two EEs should not be confused with High Availability opaque mode that is
supported in KMIP.

When creating a new HA cluster, add one engine to create the cluster, then add the second engine.
You can make multiple changes to the HA Clusters list; the changes are not applied to the switch
until you click OK.

Both engines in an HA cluster must be in the same fabric, as well as the same encryption group.

NOTE

An IP address is required for the management port for any cluster-related operations.

HA cluster configuration rules

The following rules apply when configuring an HA cluster:

The encryption engines that are part of an HA cluster must belong to the same encryption
group and be part of the same fabric.

An HA cluster cannot span fabrics and it cannot provide failover/failback capability within a
fabric transparent to host MPIO software.

HA cluster configuration and related operations must be performed on the group leader.

HA clusters of FS8-18 blades should not include blades in the same DCX Backbone chassis.

NOTE

In Fabric OS 6.3.0 and later, HA cluster creation is blocked when encryption engines belonging
to FS8-18 blades in the same DCX Backbone chassis are specified.

Cluster links must be configured before creating an HA cluster. Refer to the section

“Configuring cluster links”

on page 133 for instructions.

It is recommended that the HA cluster configuration be completed before you configure
storage devices for encryption.

It is mandatory that the two encryption engines in the HA cluster belong to two different nodes
for true redundancy. This is always true for Brocade Encryption Switches, but is not true if two
FS8-18 blades in the same DCX Backbone chassis are configured in the same HA cluster.

NOTE

An IP address is required for the management port for any cluster-related operations.

See also other documents in the category Brocade Computer Accessories: