Administration Guide

Open encrypted data disk partitions

This topic contains examples of opening the encrypted data disk partitions in the following scenarios:

After a blade power cycle

Every time the FortiAnalyzer-BigData OS boots up after a planned or unplanned power cycle, you need to open the encrypted data disk partitions with your passphrase.

There are two methods to open them.

To open the encrypted data disk partitions via the BMC remote console:
  1. Access the BMC remote console of the restarted blade.

  2. Log in to the OS using root credentials.

  3. Follow the prompt to enter the cluster encryption passphrase for opening the data disk partitions.

To open the encrypted data disk partitions via the Controller shell:
  1. Connect to the Controller shell.

  2. Run the fazbdctl disk-encryption open {host} command to open the encrypted disk partitions on the restarted blade.

After a graceful chassis power cycle

To open the encrypted data disk partitions after a graceful chassis power cycle:
  1. Follow steps to gracefully shut down services in the GUI.

    Go to Cluster Manager > Services > Actions > Stop All Services, and then power off the blades.

    See steps to perform a graceful system shutdown in General maintenance and best practices.

  2. Once the chassis (including all blades) is powered on again, the web GUI will display the Setup Wizard upon opening.

  3. Follow the instructions to connect to the Controller shell and open the encrypted disk partitions. See "To open the encrypted data disk partitions via the Controller shell" above.

  4. Once the data disk partitions are opened, proceed with the Setup Wizard GUI to start all services.

When performing an upgrade or soft reset

To open the encrypted data disk partitions during an upgrade or soft reset:
  1. Follow steps to perform a system upgrade or soft reset.

    For steps to upgrade, see Upgrade FortiAnalyzer-BigData.

    For steps to soft reset, see Soft reset FortiAnalyzer-BigData.

  2. After completing the pre-upgrade phases, the Controller will reboot and start to sync all members.

    Once the members have re-joined, the upgrade process will pause for you to open the encrypted data disk partitions.

  3. To proceed, reconnect to the Controller shell and follow the message prompts to open the encrypted disk partitions on all cluster hosts.

    Once the encrypted disk partitions are opened, the upgrade will continue automatically.

When scaling out the cluster or replacing a blade

To open the encrypted data disk partitions when scaling out or replacing a blade:
  1. Follow steps to scale out or replace a blade.

    For steps to scale out, see How to scale out.

    For steps to replace a blade, see How to replace a blade on a FortiAnalyzer-BigData appliance.

  2. During the step to Assign Role for the blade, a confirmation prompt will appear in the GUI. This prompt will provide instructions on how to initialize data encryption on the new or replaced host(s).

  3. Follow the instructions provided in the prompt to connect to the Controller shell and initialize the encrypted disk partitions on the new or replacement host(s). For example, connect to the Controller shell and enter the following command: fazbdctl disk-encryption init {host}.

    Once completed, you can proceed with the Assign Role process.

    Caution

    If the step to initialize the encrypted disk partitions is missed, the Assign Role task will fail during the pre-flight check.
