Configuring HA Auto-Recovery

When auto-recovery is enabled, SafeNet Luna HSM Client performs periodic recovery attempts when it detects a member failure. HA auto-recovery is disabled by default for new HA groups. To enable it, you must set a maximum number of recovery attempts. You can also set the frequency of recovery attempts, and the auto-recovery mode (activeBasic or activeEnhanced). These settings will apply to all HA groups configured on the client.

To configure HA auto-recovery

1.Set the desired number of recovery attempts by specifying the retry count as follows (hagroup retry):

Set a value of 0 to disable HA auto-recovery

Set a value of -1 for unlimited retries

Set any specific number of retries from 1 to 500

lunacm:> hagroup retry -count <retries>

lunacm:> hagroup retry -count -1
 
        HA Auto Recovery Count has been set to -1
 
Command Result : No Error

2.[Optional] Set the desired frequency of recovery attempts by specifying the time in seconds (hagroup interval). The acceptable range is 60-1200 seconds (default: 60).

lunacm:> hagroup interval -interval <seconds>

lunacm:> hagroup interval -interval 120
 
        HA Auto Recovery Interval has been set to 120 seconds.
 
Command Result : No Error

3.[Optional] Set the auto-recovery mode (hagroup recoverymode). The default is activeBasic.

lunacm:> hagroup recoverymode -mode {activeBasic | activeEnhanced}

lunacm:> hagroup recoverymode -mode activeEnhanced
 
        HA Auto Recovery Mode has been set to activeEnhanced mode.
 
Command Result : No Error

4.[Optional] Check that auto-recovery has been enabled (hagroup listgroups). You are prompted for the Crypto Officer password/challenge secret.

lunacm:> hagroup listgroups

lunacm:> hagroup listgroups
 
        If you would like to see synchronization data for group myHAgroup,
        please enter the password for the group members. Sync info
        not available in HA Only mode.
 
        Enter the password: ********
 
              HA auto recovery:  enabled
              HA recovery mode:  activeEnhanced
   Maximum auto recovery retry:  infinite
   Auto recovery poll interval:  120 seconds
                    HA logging:  disabled
            Only Show HA Slots:  no


Customer Support Portal

SafeNet Luna Network HSM 7.2 Product Documentation  13 December 2019  Copyright 2001-2019 Thales. All rights reserved.