Brocade Communications Systems StoreFabric SN6500B Administrator's Manual page 267
Brocade fabric os encryption administrator's guide v7.1.0 (53-1002721-01, march 2013)
Hide thumbs
Also See for StoreFabric SN6500B:
- User manual (1505 pages) ,
- Command reference manual (1168 pages) ,
- Reference (934 pages)
Table of Contents
Advertisement
The 2:2 EG split exception
5. Reregister all nodes from that were a part of the other encryption group islands.
6. Verify your encryption group is re-converged.
Fabric OS Encryption Administrator's Guide (SKM/ESKM)
53-1002721-01
Encryption group not defined: Cluster DB and Persistent DB not present, No
Encryption Group Created or Defined.
The encryption group deletion procedure may be done directly in every scenario except when
there has been a 2:2 split. In that special case, the other encryption group island consists of
one group leader and one member node. The group leader node has taken over the group
leader role, and has been successful in contacting one member node, placing the member
node in a DEF_NODE_STATE_DISCOVERED state. Before you can delete the encryption group,
you must eject the discovered member node from the group leader node (EGisland2GLNode in
the command example that follows). To determine which node is the discovered member node
that needs to be ejected, use the following command:
EGisland2GLNode:admin-> cryptocfg --show -groupmember -all
NODE LIST
Total Number of defined nodes:
Group Leader Node Name:
Encryption Group state:
.... Output truncated...
Node Name:
State:
...Output truncated...
Eject the node shown above which is in the DEF_NODE_STATE_DISCOVERED state using the
following command:
EGisland2GLNode:admin-> cryptocfg --eject -membernode 10:00:00:05:1e:c1:9b:91
You can now delete the encryption group from the member node using the cryptocfg
encgroup command, and perform a cryptocfg
-
encryption group is defined on the member node as was done for Node181 in the two node
example, as shown near the beginning of
From Node182, you need to determine the CP certificate name associated with Node181. Use
the following command to look for Node182's CP certificate name:
Node182:admin-> cryptocfg --show -file -all
The output of this command will display a listing of all imported CP certificates. Identify the
certificate associated with Node181 and then use it to re-register Node181 as follows:
Node182:admin-> cryptocfg --reg -membernode 10:00:00:05:1e:55:33:33 <node181's
certificate file name> <node181's IP address>
Within a minute or two; the encryption group will re-converge.
Node181:admin-> cryptocfg --show -groupcfg
Node182:admin-> cryptocfg --show -groupcfg
Both nodes will now show a two node CONVERGED EG in which Node182 is the group leader
ode and Node181 is a member Node.
Encryption group merge and split use cases
4
10:00:00:05:1e:54:22:44
CLUSTER_STATE_DEGRADED
10:00:00:05:1e:c1:9b:91
DEF_NODE_STATE_DISCOVERED
show
groupcfg command to verify that no
--
-
step
4.
6
delete
--
319
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Brocade Communications Systems StoreFabric SN6500B
Related Products for Brocade Communications Systems StoreFabric SN6500B
- Brocade Communications Systems SN3000B
- Brocade Communications Systems FastIron SX 800
- Brocade Communications Systems FastIron SX 1600
- Brocade SX 800
- Brocade SX 1600
- Brocade Communications Systems ServerIron ADX
- Brocade Communications Systems Slim Rail Rack Mount
- Brocade Communications Systems SilkWorm 2000
- Brocade Communications Systems SI1000
- Brocade Communications Systems SI1000F
- Brocade Communications Systems SI4000
- Brocade Communications Systems SI10000
- Brocade Communications Systems Brocade 8/12c
- Brocade Communications Systems Brocade 8/24c
- Brocade Communications Systems Brocade BladeSystem 4/12
- Brocade Communications Systems Brocade BladeSystem 4/24