MD1967
Contributor
Contributor

Adding new disks to Encrypted vSAN Cluster

Jump to solution

Hi guys.

Thanks for reading. I have been scouring KBs and blogs for my answer but cannot get any kind of nailed on answer

We are currently running vSAN across 4 x vSphere 6.5 hosts and want to expand the disks to acoomodate a migration.  I am ok with the process of add the disks, however I know that the disks are encrypted using an on prem KMS server. r

Can anyone advise if there are any further steps I need to perform to encryptt the disks apart from the process to add new disk ? Does the encrypting process add a lot of time to this ?anks a


Thnks again all.  Best wishes

0 Kudos
1 Solution

Accepted Solutions
TheBobkin
VMware Employee
VMware Employee

Hello MD1967​,

It should just be a case of it pulling the KEK and formatting the disk for encryption and then adding it to the DG once complete - whether this will take a long time or not likely depends just on whether you have 'Erase before use'/'Wipe residual disks' configured

Day 2 Encryption Operations | vSAN Data Encryption at Rest | VMware

Guidance when using "Erase disks before use" | vSAN Data Encryption at Rest | VMware

Bob

View solution in original post

0 Kudos
1 Reply
TheBobkin
VMware Employee
VMware Employee

Hello MD1967​,

It should just be a case of it pulling the KEK and formatting the disk for encryption and then adding it to the DG once complete - whether this will take a long time or not likely depends just on whether you have 'Erase before use'/'Wipe residual disks' configured

Day 2 Encryption Operations | vSAN Data Encryption at Rest | VMware

Guidance when using "Erase disks before use" | vSAN Data Encryption at Rest | VMware

Bob

View solution in original post

0 Kudos