"Remediate Cluster task fails (Encryption was enabled on disk level but disabled from cluster level)".
Command to check the encryption on disk level : esxcli vsan storage list | grep -i encryption
To view the cluster level encryption status please follow the below steps :
VMware vSphere 7.x
VMware vSphere 8.x
The Issue will occur if vSAN encryption is disabled without selecting "Allow reduce redundancy" option for vSAN cluster running with minimum number of hosts and running low on storage space.
In "Allow Reduced Redundancy" option, disk group recreation will be performed without evacuating the disk group.
The table shows the minimum host required for different RAID type.
Failure to Tolerate | RAID Type | Minimum Hosts Required |
0 | RAID-1 | 3 |
1 | RAID-1 | 3 |
2 | RAID-1 | 5 |
3 | RAID-1 | 7 |
1 | RAID-5 | 4 |
2 | RAID-6 | 6 |
Steps to resolve the issue :
Note:
Always back up your data before making any changes to encryption settings.
The cluster should be in a healthy state with no outstanding issues in skyline health that need resolution prior disabling encryption
To be alerted when this article is updated, follow KB Subscribe to a Broadcom knowledge article