{"id":11446,"date":"2011-07-29T18:51:00","date_gmt":"2011-07-29T18:51:00","guid":{"rendered":"https:\/\/aidanfinn.com\/?p=11446"},"modified":"2011-07-29T18:51:00","modified_gmt":"2011-07-29T18:51:00","slug":"vmm-2012-distributed-key-management-dkm","status":"publish","type":"post","link":"https:\/\/aidanfinn.com\/?p=11446","title":{"rendered":"VMM 2012 Distributed Key Management (DKM)"},"content":{"rendered":"

Virtual Machine Manager 2012 (VMM\/SCVMM) 2012 adds something that was lacking in VMM 2007\/2008\/20008 R2: clustered VMM servers.  VMM 2012 is<\/em> the gateway to the private cloud and you want that gateway to be fault tolerant at the hardware, OS, and service level.  If you want to have a clustered VMM server then you will need to get to grips with some new concepts.<\/p>\n

The VMM database contains a lot of information.  Some of that information can be sensitive, such as product keys or administrator passwords.  You don\u2019t want just anyone getting a copy of that database (from offsite stored backup tapes, for example [which should be encrypted anyway]) and figuring out a way into gaining administrative rights to your network.  For this reason, VMM uses encryption to protect the contents of this database.  <\/p>\n

By default the decryption keys for accessing the encrypted data are stored on the VMM server.  Now imagine you have set up a clustered VMM server and those keys are stored locally, as seen below.<\/p>\n

\"image\"<\/a><\/p>\n

The first node with the local keys would encrypt the SQL data and access it with no issue at all.  But what would happen after a failover of the VMM service from Node 1 to Node 2?  The decryption keys are unavailable, on Node 1, and Node 2 has no way to read the encrypted data in clear text.  There goes the uptime of your cloud!<\/p>\n

\"image\"<\/a><\/p>\n

That\u2019s why we have a new concept called Distributed Key Management (DKM) in VMM 2012.  Instead of storing the decryption keys on the server, they\u2019re stored in a specially created container in Active Directory.  This means that the decryption keys can be accessed by both of the VMM cluster nodes, and either node can read the encrypted data in clear text.<\/p>\n

You can configure the option to enable DKM when you install the first member of the VMM cluster.  You can optionally do this even if you\u2019re setting up a non-clustered VMM server.  It\u2019ll mean the keys are safe in AD, and it gives you the flexibility to easily set up a cluster without too much mucking around.<\/p>\n

When you enable the option to use DKM, you have two choices:<\/p>\n