Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864-01, June 2010)

Fabric OS Encryption Administrator’s Guide 191
53-1001864-01
Encryption group and HA cluster maintenance
6
A member node reboots and comes back up
Assumptions
N1, N2 and N3 form an encryption group and N2 is the group leader node. N3 and N1 are part of
an HA cluster. Assume that N3 reboots and comes back up.
Impact
When N3 reboots, all devices hosted on the encryption engines of this node automatically fail over
to the peer encryption engine N1, and N1 now performs all of the rebooted node’s encryption
services. Any re-key sessions in progress continue. Re-key sessions owned by N3’s encryption
engine are failed over to N1.
Recovery
If auto failback policy is set, no intervention is required. After the node has come back up, all
devices and associated configurations and services that failed over earlier to N1 fail back to N3.
The node resumes its normal function.
If auto failback policy is not set, invoke a manual failback if required. Refer to the section
“Performing a manual failback of an encryption engine” on page 188 for instructions.
A member node lost connection to the group leader
Assumptions
N1, N2 and N3 form an encryption group, and N2 is the group leader node. N3 and N1 are part of
an HA cluster. Assume that N3 lost connection to the group leader node N2 but still maintains
communications with other nodes in the encryption group.
Impact
Failover to N1 does not occur, because the isolated node and the encryption engines’ encryption
services continue to function normally. However the disconnect of N3 from the group leader breaks
the HA cluster and failover capability between N3 and N1.
You cannot configure any CryptoTargets, LUN policies, tape pools, or security parameters that
would require communication with the isolated member node. In addition, you cannot start any
re-key operations (auto or manual).
Refer to the section “Configuration impact of encryption group split or node isolation” on page 194
for more information on which configuration changes are allowed.
Recovery
Restore connectivity between the isolated node and the group leader. No further intervention is
required.