beautypg.com

Deleting a tape pool, Modifying a tape pool, Impact of tape pool configuration changes – Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 183

background image

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

165

53-1002925-01

Tape pool configuration

3

Deleting a tape pool

This command does not issue a warning if the tape pool being deleted has tape media or volumes
that are currently accessed by the host. Be sure the tape media is not currently in use.

1. Log in to the group leader as FabricAdmin.

2. Enter the cryptocfg

--

delete

-

tapepool command followed by a tape pool label or number.

Use cryptocfg

--

show

-

tapepool

-

all to display all configured tape pool names and numbers.

FabricAdmin:switch> cryptocfg --delete -tapepool -label my_tapepool

Operation succeeded.

3. Commit the transaction

FabricAdmin:switch> cryptocfg --commit

Operation succeeded.

Modifying a tape pool

1. Log in to the group leader as Admin or FabricAdmin.

2. Enter the cryptocfg

--

modify

-

tapepool command followed by a tape pool label or number.

Then specify a new policy, encryption format, or both. The following example changes the
encryption format from Brocade native to DF-compatible.

FabricAdmin:switch> cryptocfg --modify -tapepool -label my_tapepool

-encryption_format DF_compatible

Operation succeeded.

3. Commit the transaction.

FabricAdmin:switch> cryptocfg --commit

Operation succeeded.

Impact of tape pool configuration changes

Tape pool-level policies overrule policy configurations at the LUN level, when no policies are
configured at the tape pool level. The following restrictions apply when modifying tape pool-level
configuration parameters:

If you change the tape pool policy from encrypt to cleartext or from cleartext to encrypt or if you
change the encryption format from Brocade native to DF-compatible while data is written to or
read from a tape backup device, the policy change is not enforced until the current process
completes and the tape is unmounted, rewound, or overwritten. This mechanism prevents the
mixing of cleartext data to cipher-text data on the tape.

You cannot modify the tape pool label or the key lifespan value. If you wish to modify these
tape pool attributes, delete the tape pool and create a new tape pool with a different label and
key lifespan.

Key lifespan values only apply to native-mode pools. When in DF-compatible

mode, every new media receives a unique key, matching DataFort behavior.

See also other documents in the category Brocade Computer Accessories: