Disk sanitization enables you to remove data from a disk or set of disks so that the data can never be recovered.
Before you begin
The disks that you want to sanitize must be spare disks; they must be owned but not used in an aggregate.
About this task
When disk sanitization is enabled on a storage system, it cannot be disabled again.
- Enter the nodeshell for the system that owns the disks you want to sanitize by entering the following command:
system node run -node node_name
- Enable the disk sanitization option to be modified by entering the following command:
options nodescope.reenabledoptions licensed_feature.disk_sanitization.enable
- Enable disk sanitization by entering the following command:
options licensed_feature.disk_sanitization.enable on
You are asked to confirm the command, because it is irreversible.
- Sanitize the specified disks by entering the following command:
disk sanitize start [-p pattern1|-r [-p pattern2|-r [-p pattern3|-r]]] [-c cycle_count] disk_list Attention:
Do not turn off the storage system, disrupt the storage connectivity, or remove target disks while sanitizing. If sanitizing is interrupted during the formatting phase, the formatting phase must be restarted and allowed to finish before the disks are sanitized and ready to be returned to the spare pool.
If you need to abort the sanitization process, you can do so by using the disk sanitize abort command. If the specified disks are undergoing the formatting phase of sanitization, the abort does not occur until the phase is complete. At that time, Data ONTAP displays a message telling you that the sanitization process was stopped.
-p pattern1 -p pattern2 -p pattern3 specifies a cycle of one to three user-defined hex byte overwrite patterns that can be applied in succession to the disks being sanitized. The default pattern is three passes, using 0x55 for the first pass, 0xaa for the second pass, and 0x3c for the third pass.
-r replaces a patterned overwrite with a random overwrite for any or all of the passes.
-c cycle_count specifies the number of times that the specified overwrite patterns are applied. The default value is one cycle. The maximum value is seven cycles.
disk_list specifies a space-separated list of the IDs of the spare disks to be sanitized.
- If you want to check the status of the disk sanitization process, enter the following command:
disk sanitize status [disk_list]
- After the sanitization process is complete, return the disks to spare status by entering the following command for each disk:
disk sanitize release disk_name
- Return to the clustered Data ONTAP CLI by entering the following command:
- Determine whether all of the disks were returned to spare status by entering the following command:
storage disk show -spare
|All of the sanitized disks are listed as spares
||You are done. The disks are sanitized and in spare status.
|Some of the sanitized disks are not listed as spares
||Complete the following steps:
- Enter advanced privilege mode:
set -privilege advanced
- Assign the unassigned sanitized disks to the appropriate node by entering the following command for each disk:
storage disk assign -disk disk_name -owner system_name
- Return the disks to spare status by entering the following command for each disk:
storage disk unfail -disk disk_name -s
- Return to administrative mode:
set -privilege admin
The specified disks are sanitized and designated as hot spares.