Enable cleaning by default

This patch enables cleaning by default. It is always safer to erase data after an instance has been deleted, and as such, this is a sane production default. The only potential impact of this option being enabled is that deletion may (depending on hardware) take longer. This commit also updates the help string to describe the only known production situation where disabling this option makes sense -- that is, where there is only a single, trusted tenant. Implements blueprint implement-cleaning-steps Depends-On: I77081165a80491da3e66d8a4554b6d71fc3d9353 Change-Id: I4ed4fbc8c4d88988add953307f8871cbfa33971f
2015-03-18 09:22:36 -07:00 · 2015-03-18 09:22:36 -07:00 · 392dc1ff98
commit 392dc1ff98
parent 3bdf13db77
2 changed files with 8 additions and 12 deletions
--- a/etc/ironic/ironic.conf.sample
+++ b/etc/ironic/ironic.conf.sample
@ -516,12 +516,10 @@
 # driver that node is managed by; see the individual driver's
 # documentation for details. NOTE: The introduction of the
 # cleaning operation causes instance deletion to take
-# significantly longer. While this provides a better and more
-# secure user experience, it does impact the service behavior,
-# and as such IS DISABLED BY DEFAULT until consuming services
-# (eg, Nova) have been updated to accommodate the additional
-# time for deletion. (boolean value)
-#clean_nodes=false
+# significantly longer. In an environment where all tenants
+# are trusted (eg, because there is only one tenant), this
+# option could be safely disabled. (boolean value)
+#clean_nodes=true


 [console]
--- a/ironic/conductor/manager.py
+++ b/ironic/conductor/manager.py
@ -169,7 +169,7 @@ conductor_opts = [
                   help='Timeout (seconds) for waiting for node inspection. '
                        '0 - unlimited.'),
        cfg.BoolOpt('clean_nodes',
-                    default=False,
+                    default=True,
                    help='Cleaning is a configurable set of steps, such as '
                         'erasing disk drives, that are performed on the node '
                         'to ensure it is in a baseline state and ready to be '
@ -182,11 +182,9 @@ conductor_opts = [
                         'driver\'s documentation for details. '
                         'NOTE: The introduction of the cleaning operation '
                         'causes instance deletion to take significantly '
-                         'longer. While this provides a better and more '
-                         'secure user experience, it does impact the service '
-                         'behavior, and as such IS DISABLED BY DEFAULT until '
-                         'consuming services (eg, Nova) have been updated to '
-                         'accommodate the additional time for deletion.'),
+                         'longer. In an environment where all tenants are '
+                         'trusted (eg, because there is only one tenant), '
+                         'this option could be safely disabled.'),
 ]
 CONF = cfg.CONF
 CONF.register_opts(conductor_opts, 'conductor')