Fabric OS Encryption Administrator's Guide
Fabric OS Encryption Administrator’s Guide 245
53-1002159-03
Moving a blade from one EG to another EG in the same fabric
6
4. Enter the following command on BES1 to deregister the ejected node from the encryption
group:
cryptocfg --dereg -membernode <BES3-WWN>
5. Enter the following command on BES3 to clean up the encryption configuration on the
deregistered node:
cryptocfg –-reclaimWWN –cleanup
When prompted, enter yes to each prompt.
6. Repeat steps 1-5 for BES4.
7. Create a new EG on BES3:
a. Create the group:
cryptocfg --create -encgroup BES3
b. Set the key vault type. The same key vault type is used for both SKM and ESKM:
cryptocfg --set -keyvault SKM
When prompted, enter yes to each prompt.
8. Add BES4 as a member node to the new EG.
• For details about adding member nodes to an EG, see“Adding a member node to an encryption
group” on page 132.
• For details about creating encryption groups, see ”“Creating a new encryption group” on
page 38.
Moving a blade from one EG to another EG in the same fabric
In this example, which is represented in Table 16, you have two EGs, each containing two nodes.
You want to move the blade currently located in DCX1, slot 4 to DCX2, slot 3 in EG2.
1. Enter the following command on BES1 to reclaim the VI/VT WWN base for the encryption
engine to be moved out of the EG.
cryptocfg --reclaimWWN —EE <DCX1_WWN> 4
When prompted, answer yes.
TABLE 16 Moving a blade from one EG to another EG
Encryption group Nodes (before move) Nodes (after move)
EG1 BES1 (Group Leader)
DCX1—Contains 2 FS-18 blades (slot 2 and
slot 4)
BES1 (Group Leader)
DCX1—Contains 1 FS-18 blade in slot 2
EG2 BES2 (Group Leader)
DCX2—Contains 1 FS-18 blade in slot 2
BES2 (Group Leader)
DCX2—Contains 2 FS-18 blades (slot 2 and
slot 3)