Brocade Fabric OS Command Reference - Supporting Fabric OS v7.0.1 (53-1002447-01, March 2012)
180 Fabric OS Command Reference
53-1001764-01
cryptoCfg
22
cryptocfg --replace [-haclustermember HA_cluster_name]
current_node_WWN [slot] new_node_WWN [slot]
cryptocfg --show -hacluster -all | HA_cluster_name
DESCRIPTION Use these cryptoCfg commands to configure and manage High Availability (HA) clusters.
An HA cluster consists of two encryption engines configured to host the CryptoTargets and to provide the
active/standby failover and failback capabilities in a pair-wise relationship in a single fabric. The
encryption engines that are part of an HA cluster must belong to the same encryption group and be part
of the same fabric.
Failure to ensure that HA cluster members are part of the same encryption group dissolves the HA
cluster and the encryption engines lose their failover capability.
The HA cluster configuration must be performed on the group leader. Configuration changes must be
committed before they take effect. Use the cryptocfg --commit command to commit a new configuration
or a configuration change. Refer to section "5. Transaction management" for more information. Any
operation related to an HA cluster performed without a commit operation will not survive across switch
reboots, power cycles, CP failover, or HA reboots.
The command group includes a show option, --show -hacluster. When invoked on a member node, this
command displays the committed HA cluster configuration. When invoked on the group leader, both
defined and committed configuration data is displayed including the following parameters:
• Encryption group name: A user-defined name
• Number of HA clusters in the existing encryption group: numeric value
• For each HA cluster:
- HA cluster name: user-defined label
- Number of encryption engine entries: numeric value
- HA cluster Status: Committed or Defined
• For each encryption engine member in the HA cluster:
- EE WWN: the encryption group world wide name
- EE slot number: the encryption group slot number
- EE status: online or offline
OPERANDS The cryptoCfg HA cluster configuration function has the following operands:
--help -hacluster
Displays the synopsis for the HA cluster configuration function. This command is
valid on all nodes.
--create -hacluster
Defines an HA cluster with a specified name and optionally associates up to two
encryption engines with the HA cluster. This command is valid only on the group
leader. The EEs must be members of the same encryption group as the group
leader on which this command is issued. This command fails if the member
nodes' IP addresses for the GbE ports (I/O sync ports) are not configured. The
encryption engines must belong to different switches or chassis. This rule is
enforced by the CLI to ensure redundancy.
The following operands are supported:
HA_cluster_name
Specifies the name for the HA cluster. The name can be up to 31 characters long
and can include alphanumeric characters, hyphens, and underscores. White
space and other special characters are not permitted. This operand is required.