beautypg.com

Moving a cryptotarget container – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 192

background image

172

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

53-1002923-01

CryptoTarget container configuration

3

CAUTION

When configuring a multi-path LUN, you must remove all necessary CryptoTarget containers in
sequence before committing the transaction. Failure to do so may result in a potentially
catastrophic situation where one path ends up being exposed through the encryption switch and
another path has direct access to the device from a host outside the protected realm of the
encryption platform. Refer to the section

“Configuring a multi-path Crypto LUN”

on page 181 for

more information.

Moving a CryptoTarget container

You can move a CryptoTarget container from one encryption engine to another. The encryption
engines must be part of the same fabric and the same encryption group, and the encryption
engines must be online for this operation to succeed. This operation permanently transfers the
encryption engine association of a given CryptoTarget container from an existing encryption engine
to an alternate encryption engine.

NOTE

If a CryptoTarget container is moved in a configuration involving FCR, the LSAN zones and manually
created redirect zones will need to be reconfigured with new VI and VT WWNs. Refer to the section

“Deployment in Fibre Channel routed fabrics”

on page 211 for instructions on configuring encryption

in an FCR deployment scenario.

1. Log in to the group leader as Admin or FabricAdmin.

2. Enter the cryptocfg

--

move

-

container command followed by the CryptoTarget container

name and the node WWN of the encryption engine to which you are moving the CryptoTarget
container. Provide a slot number if the encryption engine is a blade.

FabricAdmin:switch> cryptocfg --move -container my_disk_tgt \

10:00:00:05:1e:53:4c:91

Operation Succeeded

3. Commit the transaction.

FabricAdmin:switch> cryptocfg --commit

Operation Succeeded

See also other documents in the category Brocade Computer Accessories: