If a primary master in the IBM Security Guardium Key Lifecycle Manager
multi-master cluster fails, you might want to promote a standby master while you resolve the
failure.
About this task
If the primary master becomes unavailable, use the page or Promote Standby REST Service to change a standby master to
the primary master in the cluster.
Your role must have a permission to change a standby master to the primary master in the IBM Security Guardium Key Lifecycle Manager multi-master cluster.
You must manually restart WebSphere Application Server Liberty in all the
standby servers if an auxiliary standby is promoted as primary. WebSphere Liberty restart is not required when principal standby is
promoted as primary.
-
Go to the appropriate page or directory.
- Graphical user interface
-
- Log on to the graphical user interface.
- On the Welcome page, click .
- REST interface
- Open a REST client.
-
Promote the standby master to primary master server.
- Graphical user interface
-
- From the HADR Databases table, select the standby master that you want to
promote.
- Click Promote As Primary.
- On the Confirm dialog, read the confirmation message before you promote the
standby master.
- Click OK.
- REST interface
-
- Obtain a unique user authentication identifier to access IBM Security Guardium Key Lifecycle Manager REST services. For more information about the
authentication process, see Authentication process for REST services.
- To run Promote Standby REST Service, send the HTTP POST request. Pass the
user authentication identifier that you obtained in
Step a
along with the request
message as shown in the following
example.POST https://localhost:port/SKLM/rest/v1/ckms/config/nodes/takeoverAsPrimary
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
[
{clusterName:"multimaster"},
{"ipHostname": "civ3cez160"}
]
- Update the data source. For instructions, see Updating the data source.
- Verify role and health status information of the standby master that you promoted on the
HADR Databases table, and also on the IBM Security Guardium Key Lifecycle Manager
welcome page.