Deleting a Disk Domain
This operation enables you to delete an encrypted disk domain.
Prerequisites
The storage pools in the disk domain have been deleted.
Procedure
- Choose
Provisioning >
Disk Domain.
- Delete a disk domain.
- Select the disk domain that you want to delete, and click Delete.
The Delete Disk Domain dialog box is displayed.
- (Optional) Select Erase Data.
- If Erase Data is selected, the system first deletes the disk domain and then erases data from disks in the disk domain. You are advised to select this option.
- If Erase Data is not selected, the system will delete the disk domain but retain data that has been written to disks. This results in data leakage risks.
- Only unencrypted disk domains with Disk Type being SSD and encrypted disk domains support this Erase Data function.
- Generally, SSDs support three data erasure mechanisms: block_erase, cryptographic_erase, and overwrite. The support of a specific disk brand depends on the capabilities provided by the disk vendor. If the storage system sends an event indicating that the erasure mechanism is not supported during data erasure, you are advised to use another mechanism.
- SED HDDs support only cryptographic_erase while non-SED HDDs do not support data erasure.
- For V500R007C60SPC300 and later versions, do not run any commands to clear configuration data during data erasure, including ccdb.sh -c clearccdb, ccdb.sh -c cleardbfile, ccdb.sh -c operdb, ccdb.sh -c recoverymd, ccdb.sh -c repairdb, change ccdb general, restore system factory_mode, change cluster controllers, change controllers_expansion cancel, and clear configuration_data.
- For V500R007C71SPC100 and earlier versions, do not erase disk data within 15 minutes after the storage system is upgraded or a patch is installed.
- Select I have read and understand the consequences associated with performing this operation, and click OK.
The Erase Data dialog box is displayed.
- Set data erasure parameters.Table 7-5 describes the parameters.Table 7-5 Data erasure parameters
Parameter
Description
Value
Data Erasure Mechanism
Indicates the disk data erasure method. The possible values of this parameter include:
- block_erase: erases disk data by block.
- cryptographic_erase: erases security keys. This value is available only for self-encrypting disks.NOTE:
This parameter applies only to SEDs.
- overwrite: overwrites disk data with specific pattern data.NOTE:
Different types of disks support different data erasure mechanisms. When a system erases the data in a selected disk, if it reports an event indicating that the specified data erasure mechanism is not supported, use another data erasure mechanism.
[Example]
overwrite
Data Erasure Standard
Indicates the standard for overwriting disk data. The possible values include DoD 5220.22-M (E), DoD 5220.22-M (ECE), VSITR and Custom. This parameter is available only when Data Erasure Mechanism is set to overwrite.
NOTE:- When Data Erasure Standard is set to Custom, the system will overwrite disk data according to Pattern Value and Number of Overwrites specified by users.
- DoD 5220.22-M (E): DoD 5220.22-M standard that enables a storage system to write 0x55, 0xAA, and a pseudo random number in sequence.
- DoD 5220.22-M (ECE): DoD 5220.22-M (ECE) standard that enables a storage system to write 0x55, 0xAA, a pseudo random number, a pseudo random number, 0x55, 0xAA, and a pseudo random number in sequence.
- VSITR: VSITR standard that enables a storage system to write 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, and a pseudo random number in sequence.
- Custom: User-defined standard. You can customize the hexadecimal numbers to be written and the number of write times.
[Example]
Custom
Pattern Value
Indicates the value used to overwrite disk data. A pattern value is one byte in length.
NOTE:- This parameter is available only when Data Erasure Standard is set to Custom.
- The value of this parameter can be r or a one-byte hexadecimal number starting with 0x. A maximum of three values can be entered.
- Value r indicates a random number.
[Example]
0x00
Number of Overwrites
Indicates the number of times the disk data is overwritten using the pattern value.
NOTE:- This parameter is available only when Data Erasure Standard is set to Custom.
[Value range]
1 to 15
[Example]
5
Verify Data Erasure
If Verify Data Erasure is set to Enable, the system verifies whether the disk data is erased completely.
NOTE:- This parameter is unavailable when Data Erasure Mechanism is set to cryptographic_erase.
- The speed of verifying SSD data erasure is about 200 MB/s to 350 MB/s. Estimate the verification time and then determine whether to enable verification or select a proper percentage of data to be verified.
- You can view the data erasure report to check whether data is successfully erased. If the value of Result in the report is succeeded, data is successfully erased.
[Default value]
Disable
Data to Be Verified (%)
Indicates the percentage of the data to be verified to the total disk capacity.
NOTE:This parameter is valid only when Data Erasure Mechanism is set to overwrite or block_erase and Verify Data Erasure is set to Enable.
[Value range]
1 to 100
[Default value]
10
- Select the disk domain that you want to delete, and click Delete.
- Click OK.
The Execution Result dialog box is displayed, indicating that the operation succeeded.
When Verify Data Erasure is set to Enable, a Danger dialog box is displayed. Read the message in the dialog box carefully, select I have read and understand the consequences associated with performing this operation, and click OK.
- Click Close.