Skip to main content
NetApp Knowledge Base

CONTAP-89115: CRS recovery may fail because the encryption key database gets incorrectly and completely filled with encryption keys

  1. Last updated
  2. Save as PDF
Views:
30
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Issue

  • MDV creation, which runs as a job in the background, fails and is retried in a loop.
  • As each job fails, the EMS event message [mgmtgwd.jobmgr.jobcomplete.failure] is generated.
  • Although the EMS event message reports that volume creation failed, ONTAP still stores a key in the encryption key database.
  • A [crypto_key_stored] event is generated each time ONTAP stores a key in the encryption key database.
  • The [crypto_key_stored] and [mgmtgwd.jobmgr.jobcomplete.failure] events should be adjacent in the EMS log.
  • This loop results in large number of encryption keys being created, filling the encryption key database to capacity.
  • Possible impacts that users may see include:
  • Encrypted volume creation failure.
  • Automatic switchover will be disabled.
  • The following error message will be generated multiple times:
    [Failed to create the volume on node "STG0000000172-01". Reason: Internal error. Failed to generate volume key in kernel. Key manager returned ERROR_KEY_GEN_CRYPTO_FAILED. Crypto return code: 8.]

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.