Data on the AOS cluster is always encrypted, and the data encryption key (DEK) used to read the encrypted data is known only to the AOS. All data on the drive can effectively be destroyed (that is, become permanently unreadable) by deleting the container or cluster. This is known as a crypto-erase.
-
Log in to any CVM in the cluster using SSH.
-
Power off all the VMs that are running on the hosts in the cluster.
nutanix@cvm$ acli vm.off * -
Stop the Nutanix cluster.
nutanix@cvm$ cluster stop -
Destroy the cluster.
nutanix@cvm$ cluster destroy
For more information on destroying a cluster, see https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_8:wc-security-data-encryption-destroy-wc-aos-t.html.