Scaling

Key Manager is a distributed keystore and supports scaling by adding new key manager nodes to an existing Key Manager cluster. Each cluster consists of one or multiple server nodes.

On Linux, use minkms add to scale a cluster up or minkms rm to scale a cluster down by removing a node. Run these commands from a node that already exists or should continue to exist on the cluster.

On Kubernetes, adjust the number of Replicas for the Key Manager to the desired quantity of nodes.

Nodes can be added or removed on demand, and there is no limit to the number of nodes a Key Manager cluster can have. All cluster nodes are replicas of each other.

Once expanded, update any load balancers, reverse proxies, or other network control components to include the new host as part of the configuration. Clients can then transparently benefit from the increased handling of cryptographic read/write operations.

Key Manager’s fault tolerance is different for read and write requests.

Key Manager uses a configured Hardware Security Module (HSM) key to establish root trust. In multi-node clusters, Key Manager uses an API key derived from a configured Hardware Security Module (HSM) key to establish root trust between nodes in a cluster.

All nodes in a Key Manager cluster use the same HSM to seal and unseal its encrypted on-disk state. Without access to the shared HSM, the cluster nodes cannot communicate to each other or decrypt their local state.

Beginning with RELEASE.2025-06-19T19-54-27Z, AIStor Key Manager supports multiple HSM keys for decryption of local state. However, only one of the installed HSM keys can be used for inter-node communication. All nodes must use the same HSM key for purposes of shared communication.

MinIO recommends having the same HSM configuration(s) on all Key Manager nodes.