cluster restore run

Run a cluster restore operation on demand. This command does not restore the cluster SMK (see The Cluster Partition). Refer to Backing Up the Cluster SMK for this procedure.

NOTE Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments, or minimum Luna Appliance Software 7.9.0 with the lnh_cluster-1.0.5 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.8.0 to migrate keys from Luna application partitions.

Backup and restore operations can only be done on the primary member of the cluster. Stop the cluster service on all non-primary members of the cluster before you begin the restore operation:

lunash:> service stop cluster

NOTE

>Using lnh_cluster-1.0.5 and newer, backups can be restored only to a cluster configured in the same identity mode as the backup (see Keyring Roles and Identity Modes). Attempts to restore a backup taken from a single-identity cluster to a dual-identity cluster, or vice-versa, will fail. If you have configured the cluster in dual-identity mode, it is therefore impossible to restore a backup made from an earlier lnh_cluster version.

>Using lnh_cluster-1.0.5 and newer, you may restore keyrings to a cluster configured in a different client assignment mode than the backup (see Client Assignment Modes). Client assignment information is not included in the backup file, so if you restore to a new or factory-reset cluster in manual assignment mode, you must assign keyrings to clients again. If you are restoring to a cluster that already has keyrings assigned to clients, those assignments are preserved when the keyrings are restored.

> Keyrings on the target cluster have their configuration (roles, passwords, lock status) restored to their backup state. Objects stored on keyrings are overwritten by their backup versions. Keyrings and objects that do not have a backup version are left unchanged by the restore operation.

REST API: PUT /api/cluster/restore

User Privileges

Users with the following privileges can perform this command:

>Admin

Syntax

cluster restore run -filename <filename> -restorepassword <password> -type keyring

Argument(s)	Shortcut	Description
-filename <filename>	-f	Specifies the backup filename to restore from.
-restorepassword <password>	-r	Specifies the password that was set on the backup file.
-type <string>	-t	Restores keyring data from a backup file. You must specify keyring as the data type.

Example

lunash:>cluster restore run -filename myBackup.tar.gz -type keyring -restorePassword myBUpassword

Successfully started job with ID 6

Command Result : 0 (Success)



	SUPPORT	LEGAL
Luna Network HSM 7 Documentation © Copyright 2001-2025, Thales Group Last Updated: 2025-09-08 10:09:58 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information