Dell POWEREDGE M1000E User Manual

176

Fabric OS Command Reference

53-1001764-02

cryptoCfg

2

•

Exercise caution when modifying policy parameters while tape sessions are in
progress. For information on the impact of encryption policy changes while tape
sessions are in progress, refer to the Fabric OS Encryption Administrator’s Guide.

--

remove -LUN

Removes a LUN from a specified CTC. You must stop all traffic to the LUN
from all initiators accessing the LUN you are removing from the CTC. Failure to
do so results in I/O failure between the initiators and the LUN. If the LUN is
exposed with different LUN Numbers to different initiators, all exposed LUN
Numbers must be removed. This command is valid only on the group leader.
The following operands are required when removing a LUN from a CTC:

crypto_target_container_name

Specifies the name of the CTC from which the LUN is to be removed.

LUN_Num

Specifies the number of the LUN to be removed. Use --show -container for a
list of LUN numbers associated with the specified CTC.

initiator_PWWN Specifies the initiator port WWN for the LUN to be removed.

--

enable -LUN

Forces the LUN to become enabled for encryption from a disabled state. This
command must be executed on the local switch that is hosting the LUN. No
commit is required after executing this command. This command proceeds
with a warning and prompts for confirmation.

A LUN may become disabled for various reasons, such as a change in policy
from encrypted to cleartext, a conflict between LUN policy and LUN, or a
missing DEK in the key vault. Force-enabling a LUN while metadata exist on
the LUN may result in a loss of data and should be exercised with caution.
Refer to the Fabric OS Encryption Administrator’s Guide for a description of
conditions under which a LUN may be disabled and recommendations for
re-enabling the LUN while minimizing the risk of data loss.

The following operands are required when force-enabling a LUN:

crypto_target_container_name

Specifies the name of the CTC to which this LUN belongs.

LUN_Num

Specifies the number of the LUN to be enabled. Use --show -container for a
list of LUN numbers associated with the specified CTC.

initiator_PWWN Specifies the initiator port WWN for the specified LUN.

--

create -tapepool

Creates a tape pool. A tape pool consists of a group of tape media that share
the same encryption policies and data encryption keys (DEKs).

A maximum of 4096 tape pools per encryption group are supported. You may
add up to a maximum of 25 tape pools per commit operation. There is a delay
of five seconds delay at each commit operation.

Policy configuration at the tape pool level is optional; if left unspecified
LUN-level tape policy parameters apply.

This command is valid only on the group leader. The following operands are
supported: