A Oracle Key Vault Multi-Master Cluster Operations
There are restrictions and conditions for Oracle Key Vault multi-master cluster operations on cluster nodes.
Table A-1 Oracle Key Vault Multi-Master Cluster Operations on Cluster Nodes
Management Console Tab and Operation | Read-Only Node | Read-Write Node in Read-Only Restricted Mode | Read-Write Node in normal (Read-Write) Mode |
---|---|---|---|
Home tab |
No restrictions |
No restrictions |
No restrictions |
Endpoints tab
Endpoints
|
Updated only via replication from a read-write node No restrictions |
Updated only via replication from a read-write node No restrictions |
Directly updated using client tools on this node Also updated by replication from other read-write nodes No restrictions |
Keys & Wallets tab
Wallets
|
Updated only through replication from a read-write node | Updated only via replication from a read-write node | Updated using client tools on this node.
Also updated by replication from other read-write nodes. |
Reports tab Audit
|
No restrictions | No restrictions | No restrictions |
Users tab
Users
|
Updated only with replication from a read-write node | Updated only with replication from a read-write node | Updated using client tools on this node
Also updated by replication from other read-write nodes There are additional considerations and restrictions based on the status of the user name and user group name. |
System tab
System Settings
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node.
The DNS settings and System Time are not set for the cluster here. |
System tab
Cluster System Settings
|
Updated only with replication from a read-write node | Updated only with replication from a read-write node | Updated using client tools on this node
Also updated by replication from other read-write nodes |
System tab
Audit Settings, Scope 'Node'
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
System tab
Audit Settings, Scope 'Cluster'
|
Updated only with replication from a read-write node | Updated only with replication from a read-write node | Updated using client tools on this node.
Also updated by replication from other read-write nodes |
System tab
Email Settings
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
System tab
Monitoring Settings, Scope 'Node'
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
System tab
Monitoring Settings, Scope 'Cluster'
|
Updated only with replication from a read-write node | Updated only with replication from a read-write node | Updated using client tools on this node
Also updated by replication from other read-write nodes |
System tab
System Backup
|
Node is used to update these settings. The updates are local to the node.
A backup can only be restored to a standalone Oracle Key Vault server. Restoring a backup implies that the entire cluster has failed and needs to be rebuilt. |
Node is used to update these settings. The updates are local to the node.
A backup can only be restored to a standalone Oracle Key Vault server. Restoring a backup implies that the entire cluster has failed and needs to be rebuilt. |
Node is used to update these settings. The updates are local to the node.
A backup can only be restored to a standalone Oracle Key Vault server. Restoring a backup implies that the entire cluster has failed and needs to be rebuilt. |
System tab
Console Certificate
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
System tab
SSH Tunnel Settings
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
System tab
HSM
|
Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. | Node is used to update these settings. The updates are local to the node. |
Cluster tab
Management section
|
A node in the ACTIVE state may be used to add, delete, force delete, or disable a node.
When adding a node, selecting Add Node as a Read-Write Peer creates a read-write pair. Only a disabled node may enable itself. Delete and force delete have special considerations as noted. |
A node in the ACTIVE state may be used to add, delete, force delete, or disable a node.
When adding a node, this node cannot be added as a read-write peer to the new node, as it is already in a read-write pair. Only a disabled node may enable itself. Delete and force delete have special considerations as noted. |
A node in the ACTIVE state may be used to add, delete, force delete, or disable a node.
When adding a node, this node cannot be added as a read-write peer to the new node, as it is already in a read-write pair. Only a disabled node may enable itself. Delete and force delete have special considerations as noted. |
Cluster tab
Monitoring
|
Node can access and update these settings. The updates are local to the node. | Node can access and update these settings. The updates are local to the node. | Node can access and update these settings. The updates are local to the node. |
Cluster tab
Conflict Resolution
|
Node can access but not resolve conflicts.
Updates are received only from active read-write nodes in the cluster through replication. |
Node can access but not resolve conflicts.
Updates are received only from active read-write nodes in the cluster through replication. |
Node can access and resolve conflicts.
Updates are propagated to all other nodes in the cluster. |
Join read-write pair | Only through induction from a read-only node. Requires Add Node as Read-Write Peer set to Yes. | Not applicable. Since this node is already a member of a read-write pair, when replication is once again available from this node to its read-write peer, it will return to its read-write state. | Not applicable |