No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Disk Encryption User Guide

OceanStor V5 Series V500R007

This document is applicable to OceanStor 5110 V5, 5110F V5, 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, 6800F V5, 18500 V5, 18500F V5, 18800 V5, and 18800F V5. It introduces how to install and configure key management servers connected to the storage systems that use self-encrypting disks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How Can I Recover Services If They Are Interrupted Due to the Loss of the Disk Encryption Key?

How Can I Recover Services If They Are Interrupted Due to the Loss of the Disk Encryption Key?

Question

How can I recover services if the key of the self-encrypting disk domain is damaged?

Answer

If the disk encryption key is lost, the storage system cannot access the SEDs after a transient interruption occurs. This will result in a disk domain fault and service interruption.

You can recover the services as follows:

Some operations must be performed in developer mode on the CLI. Therefore, it is recommended that you contact Huawei technical support engineers to recover the services.

  1. Recover the key.

    For details, see How Can I Recover Encryption Key Files of Disks?.

  2. Identify faulty disks.

    On the CLI, run show disk general to check the status of each SED.

    admin:/>show disk general  
    ID Health Status Running Status Type Capacity Role Disk Domain ID Speed(RPM) Health Mark Bar Code Item AutoLock State 
    --------- ------------- -------------- ------- ---------- ----------- -------------- ---------- ----------- -------------------- -------- -------------- 
    DAE000.0 Fault Online SSD SED 561.994GB Member Disk 0 10000 -- 210235G6BB1000000007 0235G6BB ON 
    DAE000.1 Fault Online SSD SED 561.994GB Member Disk 0 10000 -- 210235G6BB1000000007 0235G6BB ON 
    DAE000.2 Fault Online SSD SED 561.994GB Member Disk 0 10000 -- 210235G6BB1000000007 0235G6BB ON     
    NOTE:

    If the AutoLock State of a disk is ON and Health Status is Fault, this is a faulty disk.

  3. Power off and then power on all the faulty disks.

    On the CLI, run poweroff disk and poweron disk in developer mode.

    engineer:/>poweroff disk disk_id=DAE000.0  
    DANGER: You are about to power off the disk.   
    This operation causes the disk to be unreadable and unwritable for services. If the disk domain where the disk resides is in the reconstruction or degradation state, this operation may cause reconstruction failure, service interruption, and data loss. 
    Suggestion: Before performing this operation, check the disk properties and status of the disk domain that houses the disk to avoid reconstruction failure, service interruption and data loss. Back up data before powering off.  
    Have you read danger alert message carefully?(y/n)y  
    Are you sure you really want to perform the operation?(y/n)y  
    Command executed successfully.     
    engineer:/>poweron disk disk_id=DAE000.0  
    Command executed successfully.     
    NOTE:

    If a faulty disk is not a member of the involved disk domain, the disk's object will be released after it is powered off. As a result, powering on the disk will fail.

  4. After all faulty disks have been powered on, check the health status of the disk domain.

    On the CLI, run show disk_domain general to check the disk domain status.

    admin:/>show disk_domain general  
    ID Name Health Status Running Status Total Capacity Free Capacity Hot Spare Capacity Used Hot Spare Capacity 
    -- ---- ------------- -------------- -------------- ------------- ------------------ ----------------------- 
    0 d0 Normal Online 4.055TB 556.242GB 524.312GB 0.000B     
    • If Health Status of the disk domain is Normal or Degraded, services are being recovered.
    • If Health Status of the disk domain is other values, services are not recovered. Contact Huawei engineers for assistance.

Translation
Download
Updated: 2019-07-11

Document ID: EDOC1000181504

Views: 23139

Downloads: 181

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next