Data synchronization service
In IBM® Security Guardium® Key Lifecycle Manager Multi-Master cluster, the primary and standby databases are configured with Db2® HADR to ensure high-availability. Under normal conditions, Db2 HADR keeps the primary and standby databases in sync. The IBM Security Guardium Key Lifecycle Manager data synchronization service copies the Db2 backup files from the primary master to the other master nodes in the cluster at a specified interval. Data synchronization keeps data in the master nodes current with data in the primary server in the cluster.
| Date | Change description |
| 20 Mar 2021 | Updated the Setting interval for data synchronization section. Refreshed only the English language content. |
| 08 Dec 2020 | Initial version. |
When a master server is disconnected from the cluster because of connectivity issues, you can set this master server in read-write mode. You can then restore the backup files on the read-write master server to serve keys to the devices. For more information about how to set the isolated master as read-write master, see Configuring an isolated master as read-write master. When connectivity issues are resolved, you can rejoin master to the cluster. For more information about how to rejoin the cluster, see Rejoining isolated read-write master back to cluster.
Backup file location
The backup file from the primary server is copied to the <WAS_HOME>/products/sklm/data/synchronization folder on the master node. You can save a maximum of two backup files.
Setting interval for data synchronization
You can configure data.synchronizing.svc.interval property in the <SKLM_HOME>/config/SKLMConfig.properties file to set the time interval for data synchronization. After changing the property, you must restart the Agent service for the changes to take effect.
For more information about the configuration property, see data.synchronizing.svc.interval.
Setting password for backup files
You can configure data.synchronizing.backup.password property in the <SKLM_HOME>/config/SKLMConfig.properties file to set password for the backup files that are generated by data synchronization service on the primary or standby master. These backup files are copied to the other master nodes in the IBM Security Guardium Key Lifecycle Manager Multi-Master cluster at an interval that you specified for the data.synchronizing.svc.interval property.
You can then restore the backup files on the read-write master server by using the password that you set. You can use graphical user interface, command line interface, or REST interface to restore data if you set the password in the configuration file. If the value for the configuration property is not set, a random password is generated and the data is automatically restored on the read-write master. You must restart WebSphere® Application Server and the agent service after you set the password. For more information about the configuration property, see data.synchronizing.backup.password.
Setting maximum number of Db2 backup files
You can configure the data.synchronizing.svc.MaxBackupNum property in the <SKLM_HOME>/config/SKLMConfig.properties file to specify maximum number of Db2 backup files to keep on the non-HADR masters of the Multi-Master cluster. You must restart WebSphere Application Server and the agent service after you set the password. For more information about the configuration property, see data.synchronizing.svc.MaxBackupNum.