mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
30 lines
937 B
Plaintext
30 lines
937 B
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// security/nbde-implementation-guide.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nbde-loss-of-client-connectivity_{context}"]
|
|
= Planning for a loss of client network connectivity
|
|
|
|
The loss of network connectivity to an individual node will cause it to become unable to boot in an unattended fashion.
|
|
|
|
If you are planning work that might cause a loss of network connectivity,
|
|
you can reveal the passphrase for an onsite technician to use manually,
|
|
and then rotate the keys afterwards to invalidate it:
|
|
|
|
.Procedure
|
|
|
|
. Before the network becomes unavailable, show the password used in the first slot `-s 1` of device `/dev/vda2` with this command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ sudo clevis luks pass -d /dev/vda2 -s 1
|
|
----
|
|
|
|
. Invalidate that value and regenerate a new random boot-time passphrase with this command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ sudo clevis luks regen -d /dev/vda2 -s 1
|
|
----
|