By default all members in an HA group are treated as active. That is, they are both kept current with key material and used to load-balance cryptographic services. In some deployment scenarios it makes sense to define some members as standby. Standby members are registered just like active members except, after they are added to the HA group, they are defined as “standby”. As depicted below, applications can be deployed in geographically dispersed locations. In this scenario, use Luna’s standby capability to use the HSMs in the remote datacenter to cost-effectively improve availability.
In this mode, only the local units (non-standby) are used for active load-balancing. However, as key material is created, it is automatically replicated to both the active (local) units and standby (remote) unit. In the event of a failure of all local members the standby unit is automatically promoted to active status. The primary reason for using this feature is to reduce costs while improving reliability and this approach allows remote HSMs that have high latency to be avoided when not needed. However, in the worst case scenario where all the local HSMs fail, the remote member automatically activates itself and keeps the application running.
To set an HSM to standby status:
vtl haAdmin -standbyMembers -set -group 165010001 -serialnum 66010002
For additional discussion on HA, see "HA Operational Notes".