CT-VL with Multiple Key Managers
This section describes the CT-VL operation mode (round-robin or failover) with multiple key managers.
The VAE agent receives a list of the DSMs to contact during registration. This list is arranged in the order that primary DSM is at the top and failovers at the bottom. When the VAE agent detects that the primary DSM is down, it switches the order of both DSMs (primary and the first failover) in memory. After switching, the first failover DSM is at the top and primary at the second position.
This is done so that the VAE agent does not try to contact the primary DSM and timeout every time before going to the failover. The VAE agent will now skip the primary DSM and go to the failover.
Note
The VAE agent will not automatically failback to the first DSM even if it comes up. The services need to be restarted on CT-VL.
CT-VL with the CipherTrust Manager uses the round-robin operation mode. You just specify multiple IP addresses of the CipherTrust Manager servers and internal round-robin load balancing is performed.