hagroup creategroup
Create an HA group. Use the -slot or -serialnumber options to specify the primary member for the group.
However, if you prefer to use the Luna Cloud HSM service as an active HA member, you must first edit the following toggle in the Chrystoki.conf/crystoki.ini configuration file (see Configuration File Summary):
[Toggles]
lunacm_cv_ha_ui = 0
CAUTION! Failover to Luna Cloud HSM is supported in an HA group with password-authenticated Luna partitions only. When configured in an HA group with multifactor quorum-authenticated Luna partitions, Luna Cloud HSM functions as a backup only.
For a more in-depth look at HA groups and their options please see High-Availability Groups.
Syntax
hagroup creategroup {-serialnumber <serialnum> | -slot <slotnumber>} -label <label> -password <password>
Argument(s) | Shortcut | Description |
---|---|---|
-serialnumber <serialnum> | -se | Serial number of the partition selected to be the primary member of the HA group. |
-slot <slotnumber> | -sl | Slot number of the partition selected to be the primary member of the HA group. |
-label <label> | -l | Label for the HA group being created. |
-password <password> | -p | Crypto Officer password for the primary partition. This password must be the same for all HA group member partitions. |
Example
lunacm:> hagroup creategroup -serialnumber 154438865288 -label myHAgroup Enter the password: ******** Warning: There are objects currently on the new member. Do you wish to propagate these objects within the HA group, or remove them? Type 'copy' to keep and propagate the existing objects, 'remove' to remove them before continuing, or 'quit' to stop adding this new group member. > copy New group with label "myHAgroup" created with group number 1154438865288. Group configuration is: HA Group Label: myHAgroup HA Group Number: 1154438865288 HA Group Slot ID: Not Available Synchronization: enabled Group Members: 154438865288 Needs sync: no Standby Members: <none> Slot # Member S/N Member Label Status ====== ========== ============ ====== 0 154438865288 sa78-2 alive Command Result : No Error LunaCM v7.0.0. Copyright (c) 2006-2017 SafeNet. Available HSMs: Slot Id -> 0 Label -> sa78-2 Serial Number -> 154438865288 Model -> LunaSA 7.0.0 Firmware Version -> 7.0.1 Configuration -> Luna User Partition With SO (PW) Signing With Cloning Mode Slot Description -> Net Token Slot Slot Id -> 1 Label -> sa40-2 Serial Number -> 1238700701515 Model -> LunaSA 7.0.0 Firmware Version -> 7.0.1 Configuration -> Luna User Partition With SO (PW) Signing With Cloning Mode Slot Description -> Net Token Slot Slot Id -> 5 HSM Label -> myHAgroup HSM Serial Number -> 1154438865288 HSM Model -> LunaVirtual HSM Firmware Version -> 7.0.1 HSM Configuration -> Luna Virtual HSM (PW) Signing With Cloning Mode HSM Status -> N/A - HA Group Current Slot Id: 0