Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)
100 Encryption Administrator’s Guide
53-1001341-02
High Availability (HA) cluster configuration
3
High Availability (HA) cluster configuration
An HA cluster consists of two encryption engines configured to host the same CryptoTargets and to
provide Active/Standby failover and failback capabilities in a single fabric. Failover is automatic
(not configurable). Failback occurs automatically by default, but is configurable with a manual
failback option. All encryption engines in an HA cluster share the same DEK for a disk or tape LUN.
An HA cluster has the following limitations:
• The encryption engines that are part of an HA cluster must belong to the same encryption
group and be part of the same fabric.
• An HA cluster cannot span fabrics and it cannot provide failover/failback capability within a
fabric transparent to host MPIO software.
NOTE
Failure to ensure that HA cluster members are part of the same encryption group dissolves the HA
cluster and the encryption engines lose their failover capability.
A special kind of HA configuration is a DEK cluster. A DEK cluster consists of a set of HA clusters
whose encryption engines can host all paths of the same LUN. Or it can consist of regular
standalone encryption engines (not configured into HA clusters) that host paths to the same LUN.
All encryption engines in a DEK cluster share the same DEK set, and must be configured, on a
per-LUN basis, with the same LUN policies. A DEK cluster works around some of the limitations of
an HA cluster. The encryption engines in a DEK cluster may belong to different fabrics and provide
failover/failback capability within a SAN by utilizing host MPIO software.
You cannot configure or view a DEK cluster. The DEK cluster is a dynamic grouping established by
the Brocade Encryption Switch or FS8-18 blade based on the encryption engines that are
configured to host paths to the same LUN.
HA cluster configuration rules
The following rules apply when configuring an HA cluster:
• All HA cluster configuration and related operations must be performed on the group leader.
• I/O sync links must be configured before creating an HA cluster. Refer to the section “I/O sync
link configuration” on page 88 for instructions.
• Configuration changes must be committed before they take effect. Any operation related to an
HA cluster that is performed without a commit operation will not survive across switch reboots,
power cycles, CP failover, or HA reboots.
• It is recommended that the HA cluster configuration be completed before you configure
storage devices for encryption.
• It is mandatory that the two encryption engines in the HA cluster belong to two different nodes
for true redundancy. This is always the case for Brocade encryption switches, but is not true if
two FS8-18 blades in the same DCX or DCX-4S chassis are configured in the same HA cluster.
In Fabric OS version 6.3.0 and later releases, HA cluster creation is blocked when encryption
engines belonging to FS8-18 blades in the same DCX or DCX-4S are specified.