Configuration Upload And Download Considerations; Configuration Upload At An Encryption Group Leader Node - Brocade Communications Systems Brocade 8/12c Administrator's Manual
Supporting hp secure key manager (skm) environments and hp enterprise secure key manager (eskm) environments
Hide thumbs
Also See for Brocade 8/12c:
- User manual (1301 pages) ,
- Command reference manual (1132 pages) ,
- Reference (362 pages)
Table of Contents
Advertisement
5
Configuration upload and download considerations
3. Make sure that these Crypto Target Containers and LUNs actually failover to node 2 (BES2) in
4. On node 1 (BES1) enable the Encryption Engine, by issuing the following command.
5. Start firmware download (upgrade) on the node 1 (BES1). Refer to the Fabric OS
6. After firmware download is complete and node 1 (BES1) is back up, make sure the encryption
7.
8. Check that Crypto Target Containers and associated LUNs fail back successfully on node 1
9. To upgrade node 2 (BES2), Repeat steps 2 to 8.
10. After all nodes in the Encryption Group have been upgraded, change back the failback mode to
Configuration upload and download considerations
Security information is not included when you upload a configuration from an encryption switch or
blade. Extra steps are necessary before and after download to re-establish that information. The
following sections describe what information is included in a upload from an encryption group
leader and encryption group member load, what information is not included, and the steps to take
to re-establish the information.
Configuration upload at an encryption group leader node
A configuration upload performed at an encryption group leader node contains the following:
•
•
•
192
cryptocfg --disableEE
the HA cluster. Check for all LUNs in encryption enabled state on node 2 (BES2). This ensures
that I/O also fails over to node 2 (BES2) and continues during this process.
cryptocfg --enableEE
Administrator's Guide if necessary to review firmware download procedures.
engine is online.
On node 1 (BES1) initiate manual failback of CryptoTarget containers and associated LUNs
from node 2 (BES2) to node 1 (BES1) by issuing the following command.
cryptocfg --failback -EE
(BES1) and host I/O also moves from node 2 (BES2) to node 1 (BES1) and continues during
the failback process.
auto from manual, if required by issuing the following command.
cryptocfg --set -failback auto
The local switch configuration.
Encryption group-related configuration.
The encryption group-wide configuration of Crypto Targets, disk and tape LUNs, tape pools, HA
clusters, security, and key vaults.
Fabric OS Encryption Administrator's Guide
53-1002159-03
Advertisement
Table of Contents
Troubleshooting
