Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

288

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Splitting an encryption group into two encryption groups

6

NOTE

You should not join a Fabric OS 7.0.1(x) node into an encryption group or eject a node with Fabric OS
7.1.0 or later when the firmware consistency check for the device decommission feature is enabled
in the encryption group.

Splitting an encryption group into two encryption groups

In this example, which is represented in

Table 15

, you have one encryption group with four nodes

from which you want to remove two of the nodes and add them to a new encryption group.

1. Enter the following command on FOS1 to reclaim the VI/VT WWN base for FOS3:

Admin:switch> cryptocfg --reclaimWWN -membernode <FOS3-WWN>

When prompted, enter yes.

2. Enter the following command on FOS1 to propagate the change to all nodes in the EG:

Admin:switch> cryptocfg --commit

3. Enter the following command in FOS1 to eject node FOS3 from the EG:

Admin:switch> cryptocfg --eject -membernode <FOS3-WWN>

4. Enter the following command on FOS1 to deregister the ejected node from the encryption

group:

Admin:switch> cryptocfg --dereg -membernode <FOS3-WWN>

5. Enter the following command on FOS3 to clean up the encryption configuration on the

deregistered node:

Admin:switch> cryptocfg –-reclaimWWN –cleanup

When prompted, enter yes to each prompt.

6. Repeat steps 1–5 for FOS4.

7. Create a new EG on FOS3:

TABLE 15

Splitting an encryption group

Encryption group

Nodes

Original EG

FOS1 (Group Leader)
FOS2
FOS3
FOS4

New EG1

FOS1 (Group Leader)
FOS2

New EG2

FOS3 (Group Leader)
FOS4