Or "How to add nodes (cluster join) to an ONTAP cluster with OKM (Onboard Key Manager) enabled (i.e. you're using NVE.)"
Example: Adding 2 nodes - nodes 3 and 4 - to a cluster called CLU01 - essentially we’re just refreshing missing onboard keys for the
new nodes:
security key-manager
setup -node CLU01-N03
{Enter the existing passphrase}
security key-manager
setup -node CLU01-N04
{Enter the current passphrase}
Can test NVE is working for the new nodes by creating
encrypted volumes on them.
This link is most clear:
The security key-manager setup command ...
... can also be used to refresh missing onboard keys. For
example, if you add a node to a cluster that has onboard key management
configured, you will run this command to refresh the missing keys.
Parameters
[-node {nodename}] - Node Name
This parameter is used only with onboard key management
when a refresh operation is required.
Comments
Post a Comment