Securely purge data on an encrypted volume without a SnapMirror relationship
Beginning in ONTAP 9.4, you can use secure-purge to non-disruptively “scrub” data on NVE-enabled volumes.
You must be a cluster administrator to perform this task.
Advanced privileges are required for this task.
Secure-purge may take from several minutes to many hours to complete, depending on the amount of data in the deleted files. You can use the
volume encryption secure-purge show command to view the status of the operation. You can use the
volume encryption secure-purge abort command to terminate the operation.
In order to do a secure purge on a SAN host, you must delete the entire LUN containing the files you want to purge, or you must be able to punch holes in the LUN for the blocks that belong to the files you want purge. If you cannot delete the LUN or your host operating system does not support punching holes in the LUN, you cannot perform a secure purge.
Delete the files or the LUN you want to securely purge.
On a NAS client, delete the files you want to securely purge.
On a SAN host, delete the LUN you want to securely purge or punch holes in the LUN for the blocks that belong to the files you want to purge.
On the storage system, change to advanced privilege level:
set -privilege advanced
If the files you want to securely purge are in snapshots, delete the snapshots:
snapshot delete -vserver SVM_name -volume vol_name -snapshot
Securely purge the deleted files:
volume encryption secure-purge start -vserver SVM_name -volume volume_name
The following command securely purges the deleted files on
cluster1::> volume encryption secure-purge start -vserver vs1 -volume vol1
Verify the status of the secure-purge operation:
volume encryption secure-purge show