Add config option for ATA erase fallback in agent

Operators should be able to choose if they wish to fallback when a disk based secure erase operation fails. Adds a configuration option to be passed to the agent during cleaning operations in order to allow that decision to prevent failed secure erase operations from causing the node to go into CLEANFAIL state by enabling fallback logic. Change-Id: I13c0fef3a6aa1903bfe1f54ba4fafbeadd673666 Closes-Bug: #1536695
2016-04-07 10:17:24 -04:00 · 2016-04-07 10:17:24 -04:00 · 87e68256b6
commit 87e68256b6
parent 8b75becccb
4 changed files with 37 additions and 0 deletions
--- a/etc/ironic/ironic.conf.sample
+++ b/etc/ironic/ironic.conf.sample
@ -850,6 +850,13 @@
 # Erased. Defaults to True. (boolean value)
 #shred_final_overwrite_with_zeros = true

+# Defines what to do if an ATA secure erase operation fails
+# during cleaning in the Ironic Python Agent. If False, the
+# cleaning operation will fail and the node will be put in
+# ``clean failed`` state. If True, shred will be invoked and
+# cleaning will continue. (boolean value)
+#continue_if_disk_secure_erase_fails = false
+
 # Whether to power off a node after deploy failure. Defaults
 # to True. (boolean value)
 #power_off_after_deploy_failure = true
--- a/ironic/drivers/modules/deploy_utils.py
+++ b/ironic/drivers/modules/deploy_utils.py
@ -77,6 +77,14 @@ deploy_opts = [
                       "deploy.shred_random_overwrite_interations is 0. This "
                       "option is only used if a device could not be ATA "
                       "Secure Erased. Defaults to True.")),
+    cfg.BoolOpt('continue_if_disk_secure_erase_fails',
+                default=False,
+                help=_('Defines what to do if an ATA secure erase operation '
+                       'fails during cleaning in the Ironic Python Agent. '
+                       'If False, the cleaning operation will fail and the '
+                       'node will be put in ``clean failed`` state. '
+                       'If True, shred will be invoked and cleaning will '
+                       'continue.')),
    cfg.BoolOpt('power_off_after_deploy_failure',
                default=True,
                help=_('Whether to power off a node after deploy failure. '
@ -659,6 +667,8 @@ def agent_add_clean_params(task):
    info['agent_erase_devices_iterations'] = random_iterations
    zeroize = CONF.deploy.shred_final_overwrite_with_zeros
    info['agent_erase_devices_zeroize'] = zeroize
+    erase_fallback = CONF.deploy.continue_if_disk_secure_erase_fails
+    info['agent_continue_if_ata_erase_failed'] = erase_fallback

    task.node.driver_internal_info = info
    task.node.save()
--- a/ironic/tests/unit/drivers/modules/test_deploy_utils.py
+++ b/ironic/tests/unit/drivers/modules/test_deploy_utils.py
@ -1715,6 +1715,8 @@ class AgentMethodsTestCase(db_base.DbTestCase):
        cfg.CONF.set_override('shred_random_overwrite_iterations', 2, 'deploy')
        cfg.CONF.set_override('shred_final_overwrite_with_zeros', False,
                              'deploy')
+        cfg.CONF.set_override('continue_if_disk_secure_erase_fails', True,
+                              'deploy')
        with task_manager.acquire(
                self.context, self.node.uuid, shared=False) as task:
            utils.agent_add_clean_params(task)
@ -1722,6 +1724,8 @@ class AgentMethodsTestCase(db_base.DbTestCase):
                'agent_erase_devices_iterations'))
            self.assertEqual(False, task.node.driver_internal_info.get(
                'agent_erase_devices_zeroize'))
+            self.assertEqual(True, task.node.driver_internal_info.get(
+                'agent_continue_if_ata_erase_failed'))

    @mock.patch('ironic.dhcp.neutron.NeutronDHCPApi.delete_cleaning_ports',
                autospec=True)
--- a/releasenotes/notes/add-agent-erase-fallback-b07613a7042fe236.yaml
+++ b/releasenotes/notes/add-agent-erase-fallback-b07613a7042fe236.yaml
@ -0,0 +1,16 @@
+---
+features:
+  - A new configuration option
+    ``[deploy]continue_if_disk_secure_erase_fails``, which
+    has a default value of False, has been added. If set to
+    True, the Ironic Python Agent will revert to a disk shred
+    operation if an ATA secure erase operation fails. Under
+    normal circumstances, the failure of an ATA secure erase
+    operation results in the node being put in ``clean failed``
+    state.
+upgrades:
+  - A new configuration option
+    ``[deploy]continue_if_disk_secure_erase_fails``, which
+    has a default value of False, has been added. The default
+    setting represents the standard behavior of the Ironic
+    Python Agent during a cleaning failure.