Promoting standby server to primary server

If a primary master in the IBM® Security Guardium® Key Lifecycle Manager multi-master cluster fails, you might want to promote a standby master while you resolve the failure.

Before you begin

Before you promote a standby master in the cluster, review the considerations and restrictions that are listed in the Requirements and considerations for multi-master configuration topic.

About this task

If the primary master becomes unavailable, use the IBM Security Guardium Key Lifecycle Manager Multi-Master > HADR Databases page or Promote Standby REST Service to change a standby master to the primary master in the cluster.

Your role must have a permission to change a standby master to the primary master in the IBM Security Guardium Key Lifecycle Manager multi-master cluster.

You must manually restart WebSphere® Application Server Liberty in all the standby servers if an auxiliary standby is promoted as primary. WebSphere Liberty restart is not required when principal standby is promoted as primary.

1. Go to the appropriate page or directory.

   Graphical user interface

   1. Log on to the graphical user interface.
   2. On the Welcome page, click Administration > Multi-Master > HADR Databases.

   REST interface

   Open a REST client.

2. Promote the standby master to primary master server.

   Graphical user interface

   1. From the HADR Databases table, select the standby master that you want to promote.
   2. Click Promote As Primary.
   3. On the Confirm dialog, read the confirmation message before you promote the standby master.
   4. Click OK.

   REST interface

   1. Obtain a unique user authentication identifier to access IBM Security Guardium Key Lifecycle Manager REST services. For more information about the authentication process, see Authentication process for REST services.
   2. To run Promote Standby REST Service, send the HTTP POST request. Pass the user authentication identifier that you obtained in Step a along with the request message as shown in the following example.

      POST https://localhost:port/SKLM/rest/v1/ckms/config/nodes/takeoverAsPrimary
      Content-Type: application/json
      Accept: application/json
      Authorization: SKLMAuth userAuthId=139aeh34567m
      [
      {clusterName:"multimaster"},
      {"ipHostname": "civ3cez160"}
      ]

3. Update the data source. For instructions, see Updating the data source.
4. Verify role and health status information of the standby master that you promoted on the HADR Databases table, and also on the IBM Security Guardium Key Lifecycle Manager welcome page.