Solved: Backing up OKM (Onboard Key Manager)

JFM · ‎2022-02-02

Hi all!

one quick question, it appears to be a good practice to backup the Onboard Key Manager (OKM). The question that pops in my mind: if the keys aren't exportable, what is included in the OKM backup then? Also, I understand the OKM is replicated among the nodes of a cluster... how is this possible since the keys aren't supposed to leave the OKM?

Thanks, as usual. 🙂 👍

Presales SE at ESI Technologies

Ontapforrum · ‎2022-02-02

I don't think OKM is replicated. According to one of the Kb mentioned below, it appears the "Key information" is held by the Replicated Database (RDB) which is replicated with-in the cluster Nodes. ("RDB" is the basis of clustering in ONTAP).

Following kbs are worth reading:
What happens to information stored in OKM in case of disaster
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/What_happens_to_information_stored_in_OKM_in_case_of_disaster
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_backup_Onboard_Key_Manager_(OKM)

View solution in original post

Ontapforrum · ‎2022-02-02

I don't think OKM is replicated. According to one of the Kb mentioned below, it appears the "Key information" is held by the Replicated Database (RDB) which is replicated with-in the cluster Nodes. ("RDB" is the basis of clustering in ONTAP).

Following kbs are worth reading:
What happens to information stored in OKM in case of disaster
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/What_happens_to_information_stored_in_OKM_in_case_of_disaster
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_backup_Onboard_Key_Manager_(OKM)