Release notes
Replace a FIPS drive or SED in ONTAP
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
You can replace a FIPS drive or SED the same way you replace an ordinary disk. Make sure to assign new data authentication keys to the replacement drive. For a FIPS drive, you may also want to assign a new FIPS 140-2 authentication key.
|
If an HA pair is using encrypting SAS or NVMe drives (SED, NSE, FIPS), you must follow the instructions in the topic Returning a FIPS drive or SED to unprotected mode for all drives within the HA pair prior to initializing the system (boot options 4 or 9). Failure to do this may result in future data loss if the drives are repurposed. |
-
You must know the key ID for the authentication key used by the drive.
-
You must be a cluster administrator to perform this task.
-
Ensure that the disk has been marked as failed:
storage disk show -brokenLearn more about
storage disk showin the ONTAP command reference.cluster1::> storage disk show -broken Original Owner: cluster1-01 Checksum Compatibility: block Usable Physical Disk Outage Reason HA Shelf Bay Chan Pool Type RPM Size Size ------ ---- ------------ ---- --- ---- ------ ----- ----- ------- ------- 0.0.0 admin failed 0b 1 0 A Pool0 FCAL 10000 132.8GB 133.9GB 0.0.7 admin removed 0b 2 6 A Pool1 FCAL 10000 132.8GB 134.2GB [...] -
Remove the failed disk and replace it with a new FIPS drive or SED, following the instructions in the hardware guide for your disk shelf model.
-
Assign ownership of the newly replaced disk:
storage disk assign -disk disk_name -owner nodeLearn more about
storage disk assignin the ONTAP command reference.cluster1::> storage disk assign -disk 2.1.1 -owner cluster1-01
-
Confirm that the new disk has been assigned:
storage encryption disk showLearn more about
storage encryption disk showin the ONTAP command reference.cluster1::> storage encryption disk show Disk Mode Data Key ID ----- ---- ---------------------------------------------------------------- 0.0.0 data <id_value> 0.0.1 data <id_value> 1.10.0 data <id_value> 1.10.1 data <id_value> 2.1.1 open 0x0 [...]
-
Assign the data authentication keys to the FIPS drive or SED.
-
If necessary, assign a FIPS 140-2 authentication key to the FIPS drive.
