ノードのマザーボードまたはブートデバイスの交換後にオンボードキーマネージャの処理が失敗する
環境
- ONTAP 9.6以降
- NetAppボリューム暗号化(NVE)
- マザーボードの交換
- ブートデバイスの交換
問題
ノードのマザーボード またはブートデバイスの交換後にオンボードキーマネージャの処理が失敗します。
cluster1::> security key-manager key show
Node: node03
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 000000000000000002000000000001008450244552xxxxxxxxxxxxxxxxxx0000000000000000
NSE-AK
Key ID: 00000000000000000200000000000100e8609d2801xxxxxxxxxxxxxxxxxx0000000000000000
VEK
Key ID: 00000000000000000200000000000500ef174daafxxxxxxxxxxxxxxxxxx80000000000000000
SVM-KEK
Key ID: 00000000000000000200000000000a00943519801xxxxxxxxxxxxxxxxxxx0000000000000000
Node: node04
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 00000000000000000200000000000100845024ssssxxxxxxxxxxxxxxxxxx0000000000000000
Node: node04
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 00000000000000000200000000000100e8609d280xxxxxxxxxxxxxxxxxxd0000000000000000
SVM-KEK
Key ID: 00000000000000000200000000000a00943519801sxxxxxxxxxxxxxxxxxx0000000000000000
7 entries were displayed.
Error: One or more nodes have the Onboard Key Manager keys that need to be
restored. Run the "security key-manager onboard sync" command to restore
the onboard key hierarchy on those nodes.
::> security key-manager onboard show-backup
Error: show failed: The Onboard Key Manager backup operation failed with error:
Unknown. Possible reasons for failure include a missing or corrupted
backup configuration. Use the "security key-manager onboard sync"
command to synchronize the onboard key hierarchy and then retry the
backup command. If the problem persists, contact technical support.