主权项 |
1. A method of operating a clustered storage system to toggle from a first cryptographic operating mode to a second cryptographic operating mode in a highly-available manner, the method comprising:
toggling a cryptographic mode software switch stored in a persistent configuration database of the clustered storage system from the first cryptographic operating mode to the second cryptographic operating mode; at a first node of the clustered storage system, sending an instruction to a second node instructing the second node to reboot, the second node being configured to boot into a cryptographic operating mode defined by the cryptographic mode software switch, the first node initially being in a master state that provides integral storage services and the second node initially being in a peer state; at the first node, polling the second node until the second node indicates that it has rebooted successfully; upon the second node having rebooted, sending a command from the first node to the second node, the command instructing the second node to switch to the master state that provides the integral storage services; and rebooting the first node into the peer state, the first node being configured to boot into the cryptographic operating mode defined by the cryptographic mode software switch; wherein: the first node, when operating in the second cryptographic operating mode, is validated as using a government-accredited cryptographic module, being configured to only engage in secured communications using cryptographic algorithms that are government-approved; the second node, when operating in the second cryptographic operating mode, is validated as using the government-accredited cryptographic module, being configured to only engage in secured communications using cryptographic algorithms that are government-approved; the first node, when operating in the first cryptographic operating mode, is configured to engage in secured communications using cryptographic algorithms without regard to government-approval status; the second node, when operating in the first cryptographic operating mode, is configured to engage in secured communications using cryptographic algorithms without regard to government-approval status; and the government-accredited cryptographic module is a Federal Information Processing Standard (FIPS) 140-accredited cryptographic module. |