Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864-01, June 2010)

ManualsBrandsHP ManualsStorageHP StorageWorks Edge Switch 2/12

191

192

193

194

195

196

197

198

199

200

Fabric OS Encryption Administrator’s Guide 181

53-1001864-01

Chapter

Maintenance and Troubleshooting

In this Chapter

•Encryption group and HA cluster maintenance . . . . . . . . . . . . . . . . . . . . . . 181

•Troubleshooting examples using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

•Management application encryption wizard troubleshooting . . . . . . . . . . 200

•Errors related to adding a switch to an existing group . . . . . . . . . . . . . . . . 200

•LUN policy troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

•MPIO and internal LUN states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Encryption group and HA cluster maintenance

This section describes advanced configuration options that you can use to modify existing

encryption groups and HA clusters, and to recover from problems with one or more member nodes

in the group.

All group-wide configuration commands are executed on the group leader. Commands that clear

group-related states from an individual node are executed on the node. The commands require

Admin or SecurityAdmin permissions.

Removing a node from an encryption group

This procedure permanently removes a node from the encryption group as shown in Figure 71.

Upon removal, the HA cluster failover capability and target associations pertaining to the node are

no longer present. If you wish to take a node out of a group without disrupting these relationships,

use the cryptocfg

--replaceEE command. Refer to the section “Replacing an HA cluster member”

on page 185 for instructions.

The procedure for removing a node depends on the node’s status within an encryption group. HA

cluster membership and Crypto LUN configurations must be cleared before you can permanently

remove a member node from an encryption group.

1. Log into the group leader as Admin or SecurityAdmin.

2. If the node is part of an HA cluster, perform the following steps:

a. Remove the node from the HA cluster with the cryptocfg

--rem -haclustermember

command.

b. Clear all CryptoTarget configurations from the member node with the cryptocfg

--delete

-container command.

3. Determine the state of the node. Log into the member node and enter the cryptocfg

--show

-groupmember command followed by the node WWN. Provide a slot number if the encryption

engine is a blade.