Removing a lun from a cryptotarget container – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 206

Advertising
background image

188

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Crypto LUN configuration

3

LUN serial number:
Key ID state: Key ID not Applicable

b. Add the LUN to the tape CryptoTarget container. The following example enables the LUN for

encryption. There is a maximum of eight tape LUNs per Initiator in a container.

FabricAdmin:switch> cryptocfg --add -LUN my_tape_tgt 0x0 \
10:00:00:00:c9:2b:c9:3a 20:00:00:00:c9:2b:c9:3a -encrypt
Operation Succeeded

NOTE

When changing the tape LUN policy from encrypt to cleartext or from cleartext to encrypt,
or the encryption format from Brocade native to DF-compatible while data is being written
to or read from a tape backup device, the policy change is not enforced until the current
process completes and the tape is unmounted, rewound, or overwritten. Refer to the
section

“Impact of tape LUN configuration changes”

on page 191 for more information.

c. Commit the configuration.

FabricAdmin:switch> cryptocfg --commit
Operation Succeeded

d. Display the LUN configuration.

FabricAdmin:switch> cryptocfg --show -LUN my_tape_tgt 0x0 \
10:00:00:00:c9:2b:c9:3a -cfg
EE node:

10:00:00:05:1e:41:9a:7e

EE slot:

0

Target:

20:0c:00:06:2b:0f:72:6d 20:00:00:06:2b:0f:72:6d

VT:

20:00:00:05:1e:41:4e:1d 20:01:00:05:1e:41:4e:1d

Number of host(s): 1
Configuration status: committed
Host:

21:00:00:e0:8b:89:9c:d5 20:00:00:e0:8b:89:9c:d5

VI:

10:00:00:00:c9:2b:c9:3a 20:03:00:05:1e:41:4e:31

LUN number:

0x0

LUN type:

tape

LUN status:

0

Encryption mode: encrypt
Encryption format: DF_compatible
Tape type:

tape

Key life:

90 (day)

Volume/Pool label:
Operation succeeded.

Removing a LUN from a CryptoTarget container

You can remove a LUN from a given CryptoTarget container if it is no longer needed. Stop all traffic
I/O from the initiators accessing the LUN before removing the LUN to avoid I/O failure between the
initiators and the LUN. If the LUN is exposed to more than one initiator under different LUN
Numbers, remove all exposed LUN Numbers.

1. Log in to the group leader as Admin or FabricAdmin.

2. Enter the cryptocfg

--

remove

-

LUN command followed by the CryptoTarget container name,

the LUN Number, and the initiator PWWN.

Advertising
Popular Brands
Popular manuals