Introduction

This document describes the integration of Nutanix AHV cluster with the Entrust KeyControl Key Management Solution (KMS). Entrust KeyControl serves as a KMS in Nutanix AHV cluster using the open standard Key Management Interoperability Protocol (KMIP).

Documents to read first

This guide describes how to configure the Entrust KeyControl server as a KMS in Nutanix AHV cluster.

To install and configure the Entrust KeyControl server as a KMIP server, see the Entrust DataControl and KeyControl Online Documentation Set, located in the Entrust Product Documentation.

For more information related to either product refer to Entrust TrustedCare and the Nutanix online services and portals.

Product configurations

The following versions have been tested for compatibility:

Product	Version
Nutanix AOS	6.5.3.7+ AHV 20220304.242
Entrust KeyControl	v10.1.1

Product

Version

Nutanix AOS

6.5.3.7+ AHV 20220304.242

Entrust KeyControl

v10.1.1

Supported features

The following Entrust KeyControl features have been tested in this integration.

Entrust KeyControl Feature	Support
Deployment in Nutanix AHV from ISO	Yes
Cluster Mode	Yes
Cluster Expansion	Yes
Node Removal	Yes
Retain Configuration After Total Cluster Power-Down	Yes

Entrust KeyControl Feature

Support

Deployment in Nutanix AHV from ISO

Yes

Cluster Mode

Yes

Cluster Expansion

Yes

Node Removal

Yes

Retain Configuration After Total Cluster Power-Down

Yes

Support for the following Nutanix features have been tested in this integration.

Supported Nutanix Feature	Support
Data-at-Rest Encryption	Yes
Cluster Expansion	Yes
Node Removal	Yes
Re-Keying	Yes

Supported Nutanix Feature

Support

Data-at-Rest Encryption

Yes

Cluster Expansion

Yes

Node Removal

Yes

Re-Keying

Yes

Requirements

Entrust recommends that you allow only unprivileged connections unless you are performing administrative tasks.