We need to encrypt the NetApp drives. We have a suspicion that this may be because we set them up without the "storage=enabled" flag on configure_netapp.py. We cannot use the "security" option in the drives, despite apparently having a license for it.
In order to have security enabled raid volumes created the following criteria must be met:
We did create raid volumes that were securityType=capable because 1 and 2 were met. However, the reason the securityType=enabled command was failing was because condition 3 was not met. The modified version of the configure_netapp.py script added better detection of those cases. In order to recreate the partitions with security enabled drives turned on, rerun the script using the -p (to set a storageArray password) and the -P (create a passphrase for disk encryption). According to the NetApp documentation, the password must meet the following criteria:
And you must set a password in order to set a security key. The passphrase for the security must also adhere to same criteria as the password. Creating a security will store the security key on the host in /etc/solera/config/<array_name>_seckey.slk
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.