Partnerships
Partnerships are used to connect systems together to enable migration, data replication, and high-availability solutions.
- By using Fibre Channel connectivity.
- By using IP connectivity.
In addition to the partnership for data transfer between systems, IP connectivity is also required between the management IP addresses of each system to access the REST API for management. Management traffic uses authentication certificates to ensure secure communications between systems.
When you use the management GUI to configure high availability or disaster recovery by using storage partitions, the GUI guides through the steps that are required to configure suitable partnerships between systems. It is not necessary to create partnerships between systems beforehand.
Using the management GUI
When you create a partnership between systems for high availability or disaster recovery by using GUI, certificates are automatically exchanged between systems to create a truststore on each system. No additional steps are required.
Using the command-line interface
- On the first system, use the following command to export the
certificate:
The certificate is exported to a file named /dumps/certificate.pem.chsystemcert -export
- Copy the certificate file from the system to your local workstation by using an SCP client. Then, use SCP to upload the certificate file to the /tmp/ directory on the second system.
- On the second system, create the truststore by using the following
command:
Naming the truststore is optional. But, in environments with multiple partnerships or multiple truststores, it helps to identify which truststores are used for which purpose.mktruststore -file /tmp/certificate.pem -restapi on -name <remote_cluster_name>
- Repeat the preceding steps to export the certificate from the second system and create a truststore on the first system.
You can use the lssystemcert command to view information about the current system certificate and the lstruststore command to list the truststores that exist on the system.