Multiple GuardPoint Pathnames
If you have multiple CTE-LDT hosts guarding and sharing the same CTE-LDT GuardPoint directory with different local pathnames, the pathname that will be associated with CTE-LDT operations is the pathname used on the CTE-LDT host designated with primary status.
When you are entering voradmin ldt
commands, you must use the primary host's local pathname for the GuardPoint when you specify the GuardPoint parameter. If another host is promoted to the primary status for the GuardPoint, and the GuardPoint directory pathname is different from the pathname on the previous primary host, then CTE-LDT changes the the pathname of the GuardPoint to the pathname of the new primary host.
For example, let's say you have two hosts (LDT_Host_1
and LDT_Host_2
) with the same directory in an NFS share mounted on different mount points on each host, and subsequently, you must enter the new primary host's local pathname for the GuardPoint:
-
GuardPoint on LDT_Host_1:
/nfs-oxf-fs1-host1/gp
-
GuardPoint on LDT_Host_2:
/nfs-oxf-fs1-host2/gp
When the GuardPoint is first added to LDT_Host_1
, that starts the initial data transformation:
secfsd -guard /nfs-oxf-fs1-host1/gp
secfsd: Guardpoint initialization in progress
MDS has the GuardPoint configured for rekey at /nfs-oxf-fs1-host1/gp
.
voradmin ldt list all
MDS_1: type=file, nguards=0, name=/nfs-oxf-fs1-host1/gp/::vorm:mds::
Guard Table: version 1 nentries 1
Guard 0: type=GP, state=REKEYING DIRTY, flags=GP LOCKED, gp=/nfs-oxf-fs1-host1/gp
File List: count 4
When the GuardPoint is enabled on LDT_Host_2, the host joins the LDT GuardPoint Group for the GuardPoint.
secfsd -guard /nfs-oxf-fs1-host2/gp
secfsd: Path is guarded
Disable the GuardPoint on LDT_Host_1
while rekey in progress:
This operation triggers the promotion of LDT_Host_2 to primary status:
secfsd -unguard /nfs-oxf-fs1-host1/gp
secfsd: Path is not guarded
On LDT_Host_2
, guard the same directory mounted at the different path:
voradmin ldt list all
secfsd -guard /nfs-oxf-fs1-host2/gp
secfsd: Path is guarded
MDS now has the GuardPoint configured for rekey at /nfs-oxf-fs1-host2/gp
on LDT_Host_2
.
voradmin ldt list all
MDS_1: type=file, nguards=0, name=/nfs-oxf-fs1-host2/gp/::vorm:mds::
Guard Table: version 1 nentries 1
Guard 0: type=GP, state=REKEYING SUSPENDED (qos), flags=GP LOCKED, gp=/nfs-oxf-fs1-host2/gp
File List: count 4