HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 169
Gathering information, Creating a CryptoTarget container, EE Attributes
![]() |
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 169 highlights
CryptoTarget container configuration 3 To determine if rebalancing is recommended for an encryption engine, check the encryption engine properties. Beginning with Fabric OS v6.4, a field is added that indicates whether or not re-balancing is recommended You may be prompted to rebalance during the following operations: • When adding a new disk or tape target container. • When removing an existing disk or tape target container. • After failover to a backup encryption engine in an HA cluster. • After an failed encryption engine in an HA cluster is recovered, and failback processing has taken place. To rebalance an encryption engine, do the following. 1. Log in to the switch as Admin or SecurityAdmin. 2. Issue the cryptocfg - -show -localEE command. 3. Look for Rebalance recommended under EE Attributes in the output. If rebalancing is recommended, issue the cryptocfg - -rebalance command. If the encryption node is a blade, include the blade's slot number (cryptocfg - -rebalance ). Gathering information Before you begin, have the following information ready: • The switch WWNs of all nodes in the encryption group. Use the cryptocfg --show -groupmember -all command to gather this information. • The port WWNs of the targets whose LUNs are being enabled for data-at-rest encryption. • The port WWNs of the hosts (initiators) which should gain access to the LUNs hosted on the targets. Any given target may have multiple ports through which a given LUN is accessible and the ports are connected to different fabrics for redundancy purposes. Any given target port through which the LUNs are accessible must be hosted on only one Encryption switch (or pair in case of HA deployment). Another such target port should be hosted on a different encryption switch either in the same fabric or in a different fabric based on host MPIO configuration. A given host port through which the LUNs are accessible is hosted on the same encryption switch on which the target port (CryptoTarget container) of the LUNs is hosted. NOTE It is recommended you complete the encryption group and HA cluster configuration before configuring the CryptoTarget containers. Creating a CryptoTarget container 1. Log in to the group leader as Admin or FabricAdmin. 2. Enter the cryptocfg --create -container command. Specify the type of container, (disk or tape), followed by a name for the CryptoTarget container, the encryption engine's node WWN, and the target's Port WWN and node WWN. Provide a slot number if the encryption engine is a blade. Fabric OS Encryption Administrator's Guide 149 53-1002159-03
![](/manual_guide/products/hewlettpackard-brocade-812c-fabric-os-encryption-administrator039s-guide-2e9e911/169.png)