Deleting An Encryption Group; Removing An Ha Cluster Member; Displaying The Ha Cluster Configuration - Brocade Communications Systems Brocade 8/12c Administrator's Manual
Supporting hp secure key manager (skm) environments and hp enterprise secure key manager (eskm) environments
Hide thumbs
Also See for Brocade 8/12c:
- User manual (1301 pages) ,
- Command reference manual (1132 pages) ,
- Reference (362 pages)
Table of Contents
Advertisement
6
Encryption group and HA cluster maintenance
Deleting an encryption group
You can delete an encryption group after removing all member nodes following the procedures
described in the previous section. The encryption group is deleted on the group leader after you
have removed all member nodes.
Before deleting the encryption group, it is highly recommended that you remove the Group Leader
from the HA cluster and clear all CryptoTarget and tape pool configurations for the group.
The following example deletes the encryption group "brocade".
1. Log in to the Group Leader as Admin or SecurityAdmin
2. Enter the cryptocfg
Removing an HA cluster member
Removing an encryption engine from an HA cluster "breaks" the HA cluster by removing the
failover/failback capability for the removed encryption engines, However, the removal of an
encryption engine does not affect the relationship between configured containers and the
encryption engine that is removed from the HA cluster. The containers still belong to this encryption
engine and encryption operations continue.
The remove command should not be used if an encryption engine which failed over exists in the HA
Cluster. Refer to the section
replacing a failed encryption engine in an HA cluster.
1. Log into the group leader as Admin or SecurityAdmin.
2. Enter the cryptocfg --remove -haclustermember command. Specify the HA cluster name and
3. Enter cryptocfg
Displaying the HA cluster configuration
1. Log in to the Group Leader as Admin or SecurityAdmin.
2. Enter the cryptocfg
208
delete -encgroup command followed by the encryption group name.
--
SecurityAdmin:switch> cryptocfg --delete -encgroup CRYPTO_LSWAT
This will permanently delete the encryption group configuration
ARE YOU SURE
(yes, y, no, n): [no] y
Encryption group delete status: Operation Succeeded.
"Replacing an HA cluster member"
the node WWN to be removed. Provide a slot number if the encryption engine is a blade. The
following example removes HA cluster member 10:00:00:05:1e:53:74:87 from the HA cluster
HAC2.
SecurityAdmin:switch>cryptocfg --remove -haclustermember HAC2 \
10:00:00:05:1e:53:74:87
Remove HA cluster member status: Operation Succeeded.
commit to commit the transaction.
--
show -hacluster -all command.
--
In the following example, the encryption group brocade has two HA clusters. HAC 1 is
committed and has two members. HAC 2 has one member and remains in a defined state until
a second member is added and the transaction is committed.
SecurityAdmin:switch>cryptocfg --show -hacluster -all
Encryption Group Name: brocade
Number of HA Clusters: 2
on page 209 for instructions on
Fabric OS Encryption Administrator's Guide
53-1002159-03
Advertisement
Table of Contents
Troubleshooting
