Table of ContentsView in Frames

Selectively sanitizing data contained in traditional volumes

To selectively sanitize data contained in traditional volumes, you migrate any data you want to preserve to a new volume, and then sanitize the disks that contained the old volume.

Before you begin

  • You must have set the licensed_feature.disk_sanitization.enable option to On.
    Attention: After disk sanitization is enabled on a storage system, it is permanent, and it prevents certain Data ONTAP commands from being run.
  • Your system must have enough free space to duplicate the entire traditional volume you are performing the selective sanitization on, regardless of how much data you are deleting before migrating the data.

Steps

  1. Stop any applications that write to the volume you plan to sanitize.
  2. From a Windows or UNIX client, delete the directories or files whose data you want to selectively sanitize from the active file system.
    Use the appropriate Windows or UNIX command, such as rm /nixdir/nixfile.doc.
  3. Remove NFS and CIFS access to the volume you plan to sanitize.
  4. Create a traditional volume to which you will migrate the data you did not delete by entering the following command:aggr create dest_vol -v disks
    Note: This traditional volume must have a storage capacity equal to or greater than the volume from which you are migrating. It must have a different name; later, you will rename it to have the same name as the volume you are sanitizing.
    Example
    aggr create nixdestvol -v 8@72G
    This new volume provides a migration destination that is free of the data that you want to sanitize.
  5. From the Data ONTAP command line, enter the following command to delete all volume Snapshot copies of the traditional volume that contained the files and directories you just deleted:snap delete -V -a vol_name
    vol_name is the traditional volume that contained the files or directories that you just deleted.
    Example
    snap delete -V -a nixdestvol
  6. Confirm that you have deleted all files or directories that you want to sanitize from the source volume.
  7. Copy the data you want to preserve to the destination volume from the volume you want to sanitize by entering the following command:ndmpcopy /vol/src_vol /vol/dest_vol
    src_vol is the volume you want to sanitize.

    dest_vol is the destination volume.

    For information about the ndmpcopy command, see the Data ONTAP Data Protection Tape Backup and Recovery Guide for 7-Mode.

    Example
    ndmpcopy /vol/nixsrcvol /vol/nixdestvol
  8. List the disks used in the source volume by entering the following command:aggr status src_vol -r
    Example
    aggr status nixsrcvol -r
    The disks that you will sanitize are listed in the Device column of the aggr status -r output.
  9. Record the IDs of the disks used in the source volume.
    After that volume is destroyed, you will sanitize these disks.
  10. Take the volume you are sanitizing offline and destroy it by entering the following commands:aggr offline src_volaggr destroy src_vol
    Example
    aggr offline nixsrcvolaggr destroy nixsrcvol
  11. Rename the new volume, giving it the name of the volume that you just destroyed, by entering the following command:aggr rename dest_vol old_src_vol_name
    Example
    aggr rename nixdestvol nixsrcvol
  12. To confirm that the new volume is named correctly, list your volumes by entering the following command:aggr status old_src_vol_name
  13. Reestablish your CIFS or NFS services.
    • If the original volume supported CIFS services, restart the CIFS services on the volumes in the destination aggregate after migration is complete.
    • If the original volume supported NFS services, enter the following command:exportfs -a
    Users who were accessing files in the original volume will continue to access those files in the renamed destination volume.
  14. Follow the procedure for sanitizing disks to sanitize the disks that belonged to the source volume.

Result

After sanitizing, the data that you removed from the source volume no longer exists anywhere on your storage system and cannot be restored.