Recovery, Impact – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 278
258
Fabric OS Encryption Administrator’s Guide (DPM)
53-1002922-01
Encryption group merge and split use cases
6
•
The isolation of N3 from the group leader breaks the HA cluster and failover capability between
N3 and N1.
•
You cannot configure any CryptoTargets, LUN policies, tape pools, or security parameters on
any of the group leaders. This would require communication with the “offline” member nodes.
You cannot start any rekey operations (auto or manual) on any of the nodes. Refer to the
section
“Configuration impact of encryption group split or node isolation”
more information on which configuration changes are allowed.
Recovery
1. Restore connectivity between the two separate encryption group islands.
When the lost connection is restored, an automatic split recovery process begins. The current
group leader and the former group leader (N3 and N2 in this example) arbitrate the recovery,
and the group leader with the majority number of members (N2) becomes group leader. If the
number of member nodes is the same, the group leader node with the highest WWN becomes
group leader.
2. After the encryption group enters the converged state, execute the cryptocfg
--
commit
command on the group leader node to distribute the crypto-device configuration from the
group leader to all member nodes.
Should you decide to remove the isolated node N3, follow the procedures described in the section
“Removing a member node from an encryption group”
Several member nodes split off from an encryption group
Assume N1, N2, N3, and N4 form an encryption group and N2 is the group leader node. N3 and N1
are part of an HA cluster. Assume that both N3 and N4 lost connection with the encryption group
but can still communicate with each other. Following the group leader succession protocol, N3
elects itself as group leader to form a second encryption group with itself and N4 as group
members. We now have two encryption groups, EG1 (group leader N2 + N1), and EG2 (group
leader N3 + N4).
Impact
•
The two encryption groups continue to function independently of each other as far as host I/O
encryption traffic is concerned.
•
Each encryption group registers the missing members as “offline”.
•
The isolation of N3 from the original encryption group breaks the HA cluster and failover
capability between N3 and N1.
•
You cannot configure any CryptoTargets, LUN policies, tape pools, or security parameters on
any of the group leaders. This would require communication with the “offline” member nodes.
You cannot start any rekey operations (auto or manual) on any of the nodes. Refer to the
section
“Configuration impact of encryption group split or node isolation”
on page 264 for more
information on which configuration changes are allowed.