Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

294

Fabric OS Encryption Administrator’s Guide (DPM)

53-1002922-01

Splitting an encryption group into two encryption groups

6

Splitting an encryption group into two encryption groups

In this example, which is represented in

Table 16

, you have one encryption group with four nodes

from which you want to remove two of the nodes and add them to a new encryption group.

1. Enter the following command on FOS1 to reclaim the VI/VT WWN base for FOS3:

Admin:switch> cryptocfg --reclaimWWN -membernode

When prompted, enter yes.

2. Enter the following command on FOS1 to propagate the change to all nodes in the EG:

Admin:switch> cryptocfg --commit

3. Enter the following command in FOS1 to eject node FOS3 from the EG:

Admin:switch> cryptocfg --eject -membernode

4. Enter the following command on FOS1 to deregister the ejected node from the encryption

group:

Admin:switch> cryptocfg --dereg -membernode

5. Enter the following command on FOS3 to clean up the encryption configuration on the

deregistered node:

Admin:switch> cryptocfg –-reclaimWWN –cleanup

When prompted, enter yes to each prompt.

6. Repeat steps 1–5 for FOS4.

7. Create a new EG on FOS3:

a. Create the group:

Admin:switch> cryptocfg --create -encgroup FOS3

b. Set the key vault type.

Admin:switch> cryptocfg --set -keyvault RKM/DPM

TABLE 16

Splitting an encryption group

Encryption group

Nodes

Original EG

FOS1 (Group Leader)
FOS2
FOS3
FOS4

New EG1

FOS1 (Group Leader)
FOS2

New EG2

FOS3 (Group Leader)
FOS4