Migrating a Key Trustee KMS Server Role Instance to a New Host
In some cases – for example, after your upgrading your servers – it is desirable to migrate a Key Trustee KMS Server role instance to a new host. This procedure describes how to move a Key Trustee KMS proxy service role instance from an existing cluster host to another cluster host.
The security and performance requirements for the KMS proxy are based on providing a
dedicated system to the role, and not shared with CDP or other services. The
KMS proxy represents a service that must be:
- secure
- isolated from non-administrator access
- maintained as a system with a higher level of isolation and security requirements compared to other cluster nodes