beautypg.com

High availability (ha) clusters, Ha cluster configuration rules – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 86

background image

68

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

High availability (HA) clusters

2

High availability (HA) clusters

A high availability (HA) cluster cluster consists of exactly two encryption engines configured to host
the same CryptoTargets and to provide Active/Standby failover and failback capabilities in a single
fabric. One encryption engine can take over encryption and decryption tasks for the other
encryption engine if that member fails or becomes unreachable.

NOTE

High Availability clusters between two EEs should not be confused with High Availability opaque
mode that is supported in KMIP.

When creating a new HA Cluster, add one engine to create the cluster, then add the second engine.
You can make multiple changes to the HA Clusters list; the changes are not applied to the switch
until you click OK.

Both engines in an HA cluster must be in the same fabric, as well as the same encryption group.

NOTE

An IP address is required for the management port for any cluster-related operations.

HA cluster configuration rules

The following rules apply when configuring an HA cluster:

The encryption engines that are part of an HA cluster must belong to the same encryption
group and be part of the same fabric.

An HA cluster cannot span fabrics and it cannot provide failover/failback capability within a
fabric transparent to host MPIO software.

HA cluster configuration and related operations must be performed on the group leader.

HA clusters of FS8-18 blades should not include blades in the same DCX Backbone chassis.

NOTE

In Fabric OS 6.3.0 and later, HA cluster creation is blocked when encryption engines belonging
to FS8-18 blades in the same DCX Backbone chassis are specified.

Cluster links must be configured before creating an HA cluster. Refer to the section

“Configuring cluster links”

on page 135 for instructions.

It is recommended that the HA cluster configuration be completed before you configure
storage devices for encryption.

It is mandatory that the two encryption engines in the HA cluster belong to two different nodes
for true redundancy. This is always true for Brocade Encryption Switches, but is not true if two
FS8-18 blades in the same DCX Backbone chassis are confgiured in the same HA cluster.

NOTE

An IP address is required for the management port for any cluster-related operations.

See also other documents in the category Brocade Computer Accessories: