2.5 Cluster technology In the following topics, we describe the cluster technology approaches. 2.5.1 High availability cluster configurations A high availability cluster (HA or HA cluster) is a special mode of operation of two EEs that are aware of the same DEK and that have access to the same key vault. A cluster consists of two EEs in separate encryption nodes that are configured to host the same crypto targets and to provide active/standby failover and failback capabilities in a single fabric. Failover is automatic (not configurable) and occurs automatically, by default; however, it is configurable with a manual failback option. To be able to configure a manual failback option, two 1 Gigabit Ethernet (GbE) ports are connected to the private LAN to exchange status information and keep alive frames. The HA cluster has these rules and limitations: The EEs that are part of an HA cluster must belong to the same EG and be part of the same fabric. An HA cluster cannot span fabrics, and it cannot provide failover/failback capability within a fabric that is transparent to host multipath I/O (MPIO) software. All HA cluster configuration and related operations must be performed on the group leader. Cluster links must be configured before creating an HA cluster. Configuration changes must be committed before they take effect. Any operation that is related to an HA cluster that is performed without a commit operation will not survive across switch reboots, power cycles, CP failover, or HA reboots. We advise that you complete the HA cluster configuration before you configure storage devices for encryption. It is mandatory that the two EEs in the HA cluster belong to two separate nodes for true redundancy. This rule is always the case for IBM SAN32B-E4 switches, but it is not true if two IBM SAN768/384 Encryption Blades in the same IBM SAN768/384 chassis are configured in the same HA cluster. In Fabric OS V6.3.0 and later releases, HA cluster creation is blocked when EEs belonging to IBM SAN768/384 Encryption Blades in the same IBM SAN768/384 chassis are specified. HA active-standby cluster This type of setup has only one active EE and one active CTC. As shown in Figure 2-8 on page 28 in our cluster setup, EE2 has fully replicated the configuration of EE1 and does not route traffic through itself (EE2). All traffic goes through EE1. In the case of a failover, EE2 starts to route traffic through itself. Chapter 2. Terminology and technology 27