Add config option for ATA erase fallback in agent
Operators should be able to choose if they wish to fallback when a disk based secure erase operation fails. Adds a configuration option to be passed to the agent during cleaning operations in order to allow that decision to prevent failed secure erase operations from causing the node to go into CLEANFAIL state by enabling fallback logic. Change-Id: I13c0fef3a6aa1903bfe1f54ba4fafbeadd673666 Closes-Bug: #1536695
This commit is contained in:
parent
8b75becccb
commit
87e68256b6
@ -850,6 +850,13 @@
|
||||
# Erased. Defaults to True. (boolean value)
|
||||
#shred_final_overwrite_with_zeros = true
|
||||
|
||||
# Defines what to do if an ATA secure erase operation fails
|
||||
# during cleaning in the Ironic Python Agent. If False, the
|
||||
# cleaning operation will fail and the node will be put in
|
||||
# ``clean failed`` state. If True, shred will be invoked and
|
||||
# cleaning will continue. (boolean value)
|
||||
#continue_if_disk_secure_erase_fails = false
|
||||
|
||||
# Whether to power off a node after deploy failure. Defaults
|
||||
# to True. (boolean value)
|
||||
#power_off_after_deploy_failure = true
|
||||
|
@ -77,6 +77,14 @@ deploy_opts = [
|
||||
"deploy.shred_random_overwrite_interations is 0. This "
|
||||
"option is only used if a device could not be ATA "
|
||||
"Secure Erased. Defaults to True.")),
|
||||
cfg.BoolOpt('continue_if_disk_secure_erase_fails',
|
||||
default=False,
|
||||
help=_('Defines what to do if an ATA secure erase operation '
|
||||
'fails during cleaning in the Ironic Python Agent. '
|
||||
'If False, the cleaning operation will fail and the '
|
||||
'node will be put in ``clean failed`` state. '
|
||||
'If True, shred will be invoked and cleaning will '
|
||||
'continue.')),
|
||||
cfg.BoolOpt('power_off_after_deploy_failure',
|
||||
default=True,
|
||||
help=_('Whether to power off a node after deploy failure. '
|
||||
@ -659,6 +667,8 @@ def agent_add_clean_params(task):
|
||||
info['agent_erase_devices_iterations'] = random_iterations
|
||||
zeroize = CONF.deploy.shred_final_overwrite_with_zeros
|
||||
info['agent_erase_devices_zeroize'] = zeroize
|
||||
erase_fallback = CONF.deploy.continue_if_disk_secure_erase_fails
|
||||
info['agent_continue_if_ata_erase_failed'] = erase_fallback
|
||||
|
||||
task.node.driver_internal_info = info
|
||||
task.node.save()
|
||||
|
@ -1715,6 +1715,8 @@ class AgentMethodsTestCase(db_base.DbTestCase):
|
||||
cfg.CONF.set_override('shred_random_overwrite_iterations', 2, 'deploy')
|
||||
cfg.CONF.set_override('shred_final_overwrite_with_zeros', False,
|
||||
'deploy')
|
||||
cfg.CONF.set_override('continue_if_disk_secure_erase_fails', True,
|
||||
'deploy')
|
||||
with task_manager.acquire(
|
||||
self.context, self.node.uuid, shared=False) as task:
|
||||
utils.agent_add_clean_params(task)
|
||||
@ -1722,6 +1724,8 @@ class AgentMethodsTestCase(db_base.DbTestCase):
|
||||
'agent_erase_devices_iterations'))
|
||||
self.assertEqual(False, task.node.driver_internal_info.get(
|
||||
'agent_erase_devices_zeroize'))
|
||||
self.assertEqual(True, task.node.driver_internal_info.get(
|
||||
'agent_continue_if_ata_erase_failed'))
|
||||
|
||||
@mock.patch('ironic.dhcp.neutron.NeutronDHCPApi.delete_cleaning_ports',
|
||||
autospec=True)
|
||||
|
@ -0,0 +1,16 @@
|
||||
---
|
||||
features:
|
||||
- A new configuration option
|
||||
``[deploy]continue_if_disk_secure_erase_fails``, which
|
||||
has a default value of False, has been added. If set to
|
||||
True, the Ironic Python Agent will revert to a disk shred
|
||||
operation if an ATA secure erase operation fails. Under
|
||||
normal circumstances, the failure of an ATA secure erase
|
||||
operation results in the node being put in ``clean failed``
|
||||
state.
|
||||
upgrades:
|
||||
- A new configuration option
|
||||
``[deploy]continue_if_disk_secure_erase_fails``, which
|
||||
has a default value of False, has been added. The default
|
||||
setting represents the standard behavior of the Ironic
|
||||
Python Agent during a cleaning failure.
|
Loading…
x
Reference in New Issue
Block a user