Brocade Communications Systems Brocade 8/12c Administrator's Manual page 175

NOTE
LUN configurations and modifications must be committed to take effect. There is an upper limit of
25 on the number of LUNs you can add or modify in a single commit operation. Attempts to commit
a configuration that exceeds this maximum will fail. Note that there is also a five second delay before
the commit operation takes effect. In addition to the above limit of 25 per commit, make sure the
LUNs in previously committed LUN configurations and LUN modifications have a LUN state of
Encryption Enabled before creating and committing another batch of 25 LUN configurations or LUN
modifications.
The device type (disk or tape) is set at the CryptoTarget container level. You cannot add a tape LUN
to a CryptoTarget container of type "disk" and vice versa.
It is recommended that you configure the LUN state and encryption policies at this time. You can
add these settings later with the cryptocfg
modifiable. Refer to the section
configuration parameters. Refer to the section
policy parameters.
NOTE
If you are using VMware virtualization software or any other configuration that involves mounted file
systems on the LUN, you must enable first-time encryption at the time when you create the LUN by
setting the –-enable_encexistingdata option with the –-add -LUN command. Failure to do so
permanently disconnects the LUN from the host and causes data to be lost and unrecoverable.
1. Log in to the group leader as Admin or FabricAdmin.
2. Enter the cryptocfg
3. Commit the configuration.
CAUTION
When configuring a LUN with multiple paths, do not commit the configuration before you have
added all the LUNs with identical policy settings and in sequence to each of the Crypto Target
containers for each of the paths accessing the LUNs. Failure to do so results in data corruption.
Refer to the section
4. Display the LUN configuration. The following example shows default values.
Fabric OS Encryption Administrator's Guide
53-1002159-03
add -LUN command followed by the CryptoTarget container Name, the
--
LUN number or a range of LUN numbers, the PWWN and NWWN of the initiators that should be
able to access the LUN. The following example adds a disk LUN enabled for encryption. There
is a maximum of 512 Disk LUNs per Initiator in a container.
FabricAdmin:switch>cryptocfg --add -LUN my_disk_tgt 0x0 \
10:00:00:00:c9:2b:c9:3a 20:00:00:00:c9:2b:c9:3a -encrypt
Operation Succeeded
FabricAdmin:switch>cryptocfg --commit
Operation Succeeded
"Configuring a multi-path Crypto LUN"
FabricAdmin:switch>cryptocfg --show -LUN my_disk_tgt0 \
10:00:00:00:c9:2b:c9:3a -cfg
EE node: 10:00:00:05:1e:41:9a:7e
EE slot: 0
Target: 20:0c:00:06:2b:0f:72:6d 20:00:00:06:2b:0f:72:6d
VT: 20:00:00:05:1e:41:4e:1d 20:01:00:05:1e:41:4e:1d
modify -LUN command, but not all options are
--
"Crypto LUN parameters and policies"
"Creating a tape pool"
Crypto LUN configuration
on page 156 for LUN
on page 164 for tape pool
on page 166.
3
155