Several Member Nodes Split Off From An Encryption Group - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual

6
Encryption group merge and split use cases
•
•
Recovery
1. Restore connectivity between the two separate encryption group islands.
2. After the encryption group enters the converged state, execute the cryptocfg
Should you decide to remove the isolated node N3, follow the procedures described in the section
"Removing a member node from an encryption group"

Several member nodes split off from an encryption group

Assume N1, N2, N3, and N4 form an encryption group and N2 is the group leader node. N3 and N1
are part of an HA cluster. Assume that both N3 and N4 lost connection with the encryption group
but can still communicate with each other. Following the group leader succession protocol, N3
elects itself as group leader to form a second encryption group with itself and N4 as group
members. We now have two encryption groups, EG1 (group leader N2 + N1), and EG2 (group
leader N3 + N4).
Impact
•
•
•
•
314
The isolation of N3 from the group leader breaks the HA cluster and failover capability between
N3 and N1.
You cannot configure any CryptoTargets, LUN policies, tape pools, or security parameters on
any of the group leaders. This would require communication with the "offline" member nodes.
You cannot start any rekey operations (auto or manual) on any of the nodes. Refer to the
section "Configuration impact of encryption group split or node isolation"
more information on which configuration changes are allowed.
When the lost connection is restored, an automatic split recovery process begins. The current
group leader and the former group leader (N3 and N2 in this example) arbitrate the recovery,
and the group leader with the majority number of members (N2) becomes group leader. If the
number of member nodes is the same, the group leader node with the highest WWN becomes
group leader.
command on the group leader node to distribute the crypto-device configuration from the
group leader to all member nodes.
The two encryption groups continue to function independently of each other as far as host I/O
encryption traffic is concerned.
Each encryption group registers the missing members as "offline".
The isolation of N3 from the original encryption group breaks the HA cluster and failover
capability between N3 and N1.
You cannot configure any CryptoTargets, LUN policies, tape pools, or security parameters on
any of the group leaders. This would require communication with the "offline" member nodes.
You cannot start any rekey operations (auto or manual) on any of the nodes. Refer to the
section"Configuration impact of encryption group split or node isolation"
information on which configuration changes are allowed.
on page 302.
Fabric OS Encryption Administrator's Guide (SKM/ESKM)
on page 320 for
commit
--
on page 320 for more
53-1002721-01