Multi-Master configuration

Implementing a high-availability solution requires configuring IBM Security Key Lifecycle Manager masters in a Multi-Master cluster. All IBM Security Key Lifecycle Manager instances in the cluster point to a single data source that is configured for DB2 high availability disaster recovery (HADR), which ensures real-time availability of the latest data to all the masters in the cluster.

You can use IBM Security Key Lifecycle Manager Multi-Master configuration for data transmission to achieve the following objectives:
  • Ensure consistent and continuous data availability of IBM Security Key Lifecycle Manager across the organization.
  • Avoid a single point of failure by using the high-availability solution.
  • Locate masters in several physical sites, that is, distributed across the network.

A DB2 high availability disaster recovery (HADR) configuration is used as the single data source for all masters in the IBM Security Key Lifecycle Manager Multi-Master cluster. HADR protects against data loss by transmitting data changes from a source database, called the primary, to a target database, called the standby. DB2 HADR supports multiple standby databases in your Multi-Master setup.

Key features of IBM Security Key Lifecycle Manager Multi-Master configuration

  • Keys that are created on an IBM Security Key Lifecycle Manager master are accessible to other IBM Security Key Lifecycle Manager masters in the cluster.
  • IPP devices and KMIP clients that are registered on an IBM Security Key Lifecycle Manager master can access keys on another master in the cluster.
  • A graphical user interface (GUI) and a REST interface are available to configure IBM Security Key Lifecycle Manager master servers for Multi-Master setup.

For more information about Multi-Master REST services, see Multi-Master configuration REST services.