Single-node eg replacement – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 302

Advertising
background image

284

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Brocade Encryption Switch removal and replacement

6

31. If HA cluster membership for the old Brocade Encryption Switch was not in place, move

container movement to the new Brocade Encryption Switch using the following procedure.

a. Replace the old EE with the new EE using following command on the group leader.

Admin:switch> cryptocfg –-replace <WWN of old Brocade Encryption Switch>
<WWN of new Brocade Encryption Switch>

b. Issue commit.

Admin:switch> cryptocfg --commit

32. Check the EG state using the following command to ensure that the entire EG is in the

converged and In Sync state.

Admin:switch> cryptocfg –-show –groupcfg

Single-node EG Replacement

1. Upload the configuration stored on the Brocade Encryption Switch you are replacing using the

FOS configupload command.

2. Power off the Brocade Encryption Switch. Remove the Mgmt Link, I/O links, and FC cables from

the Brocade Encryption Switch, noting where each was attached so that the replacement
Brocade Encryption Switch can be cabled properly.

3. Power on the new Brocade Encryption Switch. Note that the FC cables have not yet been

plugged in.

4. Set the IP address for the new Brocade Encryption Switch using the ipAddrSet command for

both Mgmt and I/O links. Check that the switch name and domain ID associated with the
replacement switch match that of the original.

5. Initialize the new Brocade Encryption Switch node using following command:

Admin:switch> cryptocfg --initnode

6. Zeroize the new Brocade Encryption Switch.

Admin:switch> cryptocfg --zeroizeEE

7. If system card authentication was enabled, you must re-register the system card through the

BNA client for the new encryption engine.

8. Initialize the new encryption engine using the following command.

Admin:switch> cryptocfg --initEE [slotnumber]

9. Register the new encryption engine using the following command.

Admin:switch> cryptocfg --regEE [slotnumber]

10. Enable the new encryption engine using the following command.

Admin:switch> cryptocfg --enableEE [slotnumber]

Advertising
Popular Brands
Popular manuals