HCP System Management Help


Encryption and compression of objects in storage pools

The configuration of an economy or extended storage pool specifies whether the data for an object should be encrypted and/or compressed when it’s stored on the economy or external storage that’s used for that pool. Encryption can only be enabled if it has been enabled for the system when it was first installed. If it is not, the option to encrypt data does not appear anywhere on the System Management Console.

If the encryption option is selected for an economy or extended storage pool, the storage tiering service encrypts object data before writing it to the economy or extended storage that’s used for that pool. When reading encrypted data from an economy or extended storage pool, HCP automatically decrypts the data.

Note: If an extended storage tier contains multiple external storage pools, HCP evenly distributes object data that’s stored on that tier across all of those pools. For this reason, each storage pool that’s configured for a given extended storage tier should be configured to use the same encryption setting (enabled or disabled).

To encrypt object data for economy or extended storage, the storage tiering service uses the currently active NDMP encryption key. To manage NDMP encryption keys, go the System Management Console and click on StorageCertificates & Keys.

From the StorageCertificates & Keys, you can download an existing key by clicking on the Download Key ( ) button an encryption key. In the Download Encryption Key window that opens, enter the Secret Key Password and renter the password

If compression is selected for an economy or extended storage pool, the storage tiering service compresses the object data before writing it to the economy or extended storage that’s used for that pool. When reading compressed data from an economy or extended storage pool, HCP automatically decompresses the data.

This compression activity is separate from the activity of the compression service. If an object in HCP has been compressed by the compression service, HCP must decompress it before the storage tiering service can compress the object data and write it to economy or extended storage.

Note: If an extended storage tier contains multiple storage pools, HCP evenly distributes object data that’s stored on that tier across all of those pools. For this reason, each extended storage pool that’s configured for a given storage tier should be configured to use the same compression setting (enabled or disabled).

If you change the encryption or compression setting for a given economy or extended storage pool, the change affects only the data that’s stored after you make the change. HCP does not change the data that’s already stored on economy or extended storage that’s used for the pool. As a result, an economy or extended storage pool may contain both encrypted and unencrypted data and both compressed and uncompressed data at the same time.

© 2017 Hitachi Vantara Corporation. All rights reserved.