Suspension and resumption of rekeying operations – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 229

Advertising
background image

Fabric OS Encryption Administrator’s Guide (DPM)

209

53-1002922-01

Data rekeying

3

Current LBA: 488577

Operation succeeded.

Suspension and resumption of rekeying operations

A rekey may be suspended or fail to start for several reasons:

The LUN goes offline or the encryption switch fails and reboots. Rekey operations are resumed
automatically when the target comes back online or the switch comes back up. You cannot
abort an in-progress rekey operation.

An unrecoverable error is encountered on the LUN and the in-progress rekey operation halts.
The following LUN errors are considered unrecoverable:

SenseKey: 0x3 - Medium Error.

SenseKey: 0x4 - Hardware Error.

SenseKey: 0x7 - Data Protect.

An unrecoverable error is encountered during the rekey initialization phase. The rekey
operation does not begin and a CRITICAL error is logged. All host I/O comes to a halt. All cluster
members are notified.

For any unrecoverable errors that may occur during any other phase of the process, the rekey
operation is suspended at that point and a CRITICAL error is logged. All cluster members are
notified. Host I/O to all regions of the LUN is halted. Only READ operations are supported for
the scratch space region of the LUN used for storing the status block of the rekey operation.

After all errors have been corrected, you have two recovery options:

Resume the suspended rekey session. All DEK cluster or HA cluster members must be online
and reachable for this command to succeed. If successful, this command resumes the rekey
sessions from the point where it was interrupted.

1. Log in as Admin or FabricAdmin.

2. Enter the cryptocfg

--

resume_rekey command, followed by the CryptoTarget container

name, the LUN number and the initiator PWWN.

FabricAdmin:switch> cryptocfg --resume_rekey my_disk_tgt 0x0 \

10:00:00:05:1e:53:37:99

Operation Succeeded

3. Check the status of the resumed rekey session.

FabricAdmin:switch> cryptocfg --show -rekey -all

Read all data off the LUN and write it to another LUN. In this case, you can cancel the rekey
session by removing the LUN from its container and force-committing the transaction. See

“Removing a LUN from a CryptoTarget container”

on page 172 for instructions on how to

remove a LUN by force.

Advertising
Popular Brands
Popular manuals