Merge "OOB one button secure erase for iLO5 based HPE Proliant servers."
commit
c2db0bbac3
@ -61,6 +61,7 @@ features:
|
||||
|
||||
* `Out of Band RAID Support`_
|
||||
* `Out of Band Sanitize Disk Erase Support`_
|
||||
* `Out of Band One Button Secure Erase Support`_
|
||||
|
||||
Hardware interfaces
|
||||
^^^^^^^^^^^^^^^^^^^
|
||||
@ -2008,9 +2009,57 @@ The default erase pattern are, for HDD, 'overwrite' and for SSD, 'block'.
|
||||
9 hours and 300GB SSD with default pattern "block" would take approx. 30
|
||||
seconds to complete the erase.
|
||||
|
||||
Out of Band One Button Secure Erase Support
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
With Gen10 HPE Proliant servers which have been updated with SPP version 2019.03.0
|
||||
or later the ``ilo5`` hardware type supports firmware based one button secure erase
|
||||
as a clean step.
|
||||
|
||||
The One Button Secure Erase resets iLO and deletes all licenses stored there, resets
|
||||
BIOS settings, and deletes all Active Health System (AHS) and warranty data stored on
|
||||
the system. It also erases supported non-volatile storage data and deletes any
|
||||
deployment settings profiles. See `HPE Gen10 Security Reference Guide`_ for more
|
||||
information.
|
||||
|
||||
Below are the steps to perform this clean step:
|
||||
|
||||
* Perform the cleaning using 'one_button_secure_erase' clean step
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
openstack baremetal node clean test_node --clean-steps\
|
||||
'[{"interface": "management", "step": "one_button_secure_erase"}]'
|
||||
|
||||
* Once the clean step would triggered and node go to 'clean wait' state and
|
||||
'maintenance' flag on node would be set to 'True', then delete the node
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
openstack baremetal node delete test_node
|
||||
|
||||
.. note::
|
||||
* Even after deleting the node, One Button Secure Erase operation would continue
|
||||
on the node.
|
||||
|
||||
* This clean step should be kept last if the multiple clean steps are to be executed.
|
||||
No clean step after this step would be executed.
|
||||
|
||||
* One Button Secure Erase should be used with extreme caution, and only when a system
|
||||
is being decommissioned. During the erase the iLO network would keep disconnecting
|
||||
and after the erase user will completly lose iLO access along with the credentials
|
||||
of the server, which needs to be regained by the administrator. The process can take
|
||||
up to a day or two to fully erase and reset all user data.
|
||||
|
||||
* When you activate One Button Secure Erase, iLO 5 does not allow firmware update
|
||||
or reset operations.
|
||||
|
||||
.. note::
|
||||
Do not perform any iLO 5 configuration changes until this process is completed.
|
||||
|
||||
.. _`ssacli documentation`: https://support.hpe.com/hpsc/doc/public/display?docId=c03909334
|
||||
.. _`proliant-tools`: https://docs.openstack.org/diskimage-builder/latest/elements/proliant-tools/README.html
|
||||
.. _`HPE iLO4 User Guide`: https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=c03334051
|
||||
.. _`HPE Gen10 Security Reference Guide`: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00018320en_us
|
||||
.. _`iLO 4 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html
|
||||
.. _`iLO 5 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html#innovations
|
||||
.. _`Redfish`: https://www.dmtf.org/standards/redfish
|
||||
|
@ -4,7 +4,7 @@
|
||||
# python projects they should package as optional dependencies for Ironic.
|
||||
|
||||
# These are available on pypi
|
||||
proliantutils>=2.9.5
|
||||
proliantutils>=2.10.0
|
||||
pysnmp>=4.3.0,<5.0.0
|
||||
python-scciclient>=0.8.0
|
||||
python-dracclient>=3.1.0,<5.0.0
|
||||
|
@ -792,9 +792,6 @@ class Ilo5Management(IloManagement):
|
||||
task.node.save()
|
||||
|
||||
def _set_clean_failed(self, task, msg):
|
||||
LOG.error("Out-of-band sanitize disk erase job failed for node "
|
||||
"%(node)s. Message: '%(message)s'.",
|
||||
{'node': task.node.uuid, 'message': msg})
|
||||
task.node.last_error = msg
|
||||
task.process_event('fail')
|
||||
|
||||
@ -927,9 +924,43 @@ class Ilo5Management(IloManagement):
|
||||
LOG.info("No drive found to perform out-of-band sanitize "
|
||||
"disk erase for node %(node)s", {'node': node.uuid})
|
||||
except ilo_error.IloError as ilo_exception:
|
||||
LOG.error("Out-of-band sanitize disk erase job failed for node "
|
||||
"%(node)s. Message: '%(message)s'.",
|
||||
{'node': task.node.uuid, 'message': ilo_exception})
|
||||
self._pop_driver_internal_values(task,
|
||||
'ilo_disk_erase_hdd_check',
|
||||
'ilo_disk_erase_ssd_check',
|
||||
'cleaning_reboot',
|
||||
'skip_current_clean_step')
|
||||
self._set_clean_failed(task, ilo_exception)
|
||||
|
||||
@base.clean_step(priority=0, abortable=False)
|
||||
def one_button_secure_erase(self, task):
|
||||
"""Erase the whole system securely.
|
||||
|
||||
The One-button secure erase process resets iLO and deletes all licenses
|
||||
stored there, resets BIOS settings, and deletes all Active Health
|
||||
System (AHS) and warranty data stored on the system. It also erases
|
||||
supported non-volatile storage data and deletes any deployment settings
|
||||
profiles.
|
||||
|
||||
:param task: a TaskManager instance.
|
||||
:raises: IloError on an error from iLO.
|
||||
"""
|
||||
node = task.node
|
||||
LOG.info("Calling one button secure erase for node %(node)s",
|
||||
{'node': node.uuid})
|
||||
try:
|
||||
ilo_object = ilo_common.get_ilo_object(node)
|
||||
ilo_object.do_one_button_secure_erase()
|
||||
manager_utils.node_power_action(task, states.REBOOT)
|
||||
node.maintenance = True
|
||||
node.maintenance_reason = (
|
||||
"Running one button secure erase clean step.")
|
||||
node.save()
|
||||
return states.CLEANWAIT
|
||||
except ilo_error.IloError as ilo_exception:
|
||||
LOG.error("One button secure erase job failed for node "
|
||||
"%(node)s. Message: '%(message)s'.",
|
||||
{'node': task.node.uuid, 'message': ilo_exception})
|
||||
self._set_clean_failed(task, ilo_exception)
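Review bot: In `one_button_secure_erase` the node is flagged for maintenance only after `manager_utils.node_power_action(task, states.REBOOT)` returns, so if the reboot call fails with anything other than an `IloError`, an erase that has already started and cannot be undone runs on a node that is not marked. Consider moving `node.maintenance = True`, the `maintenance_reason` assignment and `node.save()` to directly after `ilo_object.do_one_button_secure_erase()`; which exceptions the power action can raise is not visible in this hunk, so that needs confirming. The docstring also says `:raises: IloError`, but the `except` branch logs and calls `self._set_clean_failed(task, ilo_exception)` without re-raising. A more accurate line would be `:returns: states.CLEANWAIT once the erase has been started; an IloError is logged and the step is failed via _set_clean_failed.`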
|
||||
|
@ -1669,11 +1669,12 @@ class Ilo5ManagementTestCase(db_base.DbTestCase):
|
||||
task.driver.management.erase_devices,
|
||||
task, erase_pattern={'ssd': 'xyz'})
|
||||
|
||||
@mock.patch.object(ilo_management.LOG, 'error', autospec=True)
|
||||
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
|
||||
@mock.patch.object(ilo_management.Ilo5Management, '_set_clean_failed',
|
||||
autospec=True)
|
||||
def test_erase_devices_hdd_ilo_error(self, set_clean_failed_mock,
|
||||
ilo_mock):
|
||||
ilo_mock, log_mock):
|
||||
ilo_mock_object = ilo_mock.return_value
|
||||
ilo_mock_object.get_available_disk_types.return_value = ['HDD']
|
||||
exc = ilo_error.IloError('error')
|
||||
@ -1691,5 +1692,43 @@ class Ilo5ManagementTestCase(db_base.DbTestCase):
|
||||
task.node.driver_internal_info)
|
||||
self.assertNotIn('skip_current_clean_step',
|
||||
task.node.driver_internal_info)
|
||||
self.assertTrue(log_mock.called)
|
||||
set_clean_failed_mock.assert_called_once_with(
|
||||
mock.ANY, task, exc)
|
||||
|
||||
@mock.patch.object(manager_utils, 'node_power_action', autospec=True)
|
||||
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
|
||||
def test_one_button_secure_erase(self, ilo_mock, mock_power):
|
||||
ilo_mock_object = ilo_mock.return_value
|
||||
self.node.clean_step = {'step': 'one_button_secure_erase',
|
||||
'interface': 'management'}
|
||||
self.node.save()
|
||||
with task_manager.acquire(self.context, self.node.uuid,
|
||||
shared=False) as task:
|
||||
result = task.driver.management.one_button_secure_erase(task)
|
||||
self.assertTrue(
|
||||
ilo_mock_object.do_one_button_secure_erase.called)
|
||||
self.assertEqual(states.CLEANWAIT, result)
|
||||
mock_power.assert_called_once_with(task, states.REBOOT)
|
||||
self.assertEqual(task.node.maintenance, True)
|
||||
|
||||
@mock.patch.object(ilo_management.LOG, 'error', autospec=True)
|
||||
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
|
||||
@mock.patch.object(ilo_management.Ilo5Management, '_set_clean_failed',
|
||||
autospec=True)
|
||||
def test_one_button_secure_erase_ilo_error(
|
||||
self, set_clean_failed_mock, ilo_mock, log_mock):
|
||||
ilo_mock_object = ilo_mock.return_value
|
||||
self.node.clean_step = {'step': 'one_button_secure_erase',
|
||||
'interface': 'management'}
|
||||
self.node.save()
|
||||
exc = ilo_error.IloError('error')
|
||||
ilo_mock_object.do_one_button_secure_erase.side_effect = exc
|
||||
with task_manager.acquire(self.context, self.node.uuid,
|
||||
shared=False) as task:
|
||||
task.driver.management.one_button_secure_erase(task)
|
||||
set_clean_failed_mock.assert_called_once_with(mock.ANY,
|
||||
task, exc)
|
||||
self.assertTrue(
|
||||
ilo_mock_object.do_one_button_secure_erase.called)
|
||||
self.assertTrue(log_mock.called)
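Review bot: `test_one_button_secure_erase_ilo_error` does not pin the property that matters most for a destructive step: when iLO rejects the request, the node must be neither rebooted nor put into maintenance. Patching `manager_utils.node_power_action` in this test as well and adding `mock_power.assert_not_called()` and `self.assertFalse(task.node.maintenance)` would cover that. In both new tests `self.assertTrue(ilo_mock_object.do_one_button_secure_erase.called)` is weaker than `ilo_mock_object.do_one_button_secure_erase.assert_called_once_with()`, which also catches a repeated or mis-parameterised call. The success test could additionally assert `task.node.maintenance_reason`, so the operator-facing message stays tied to the step.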
|
||||
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
features:
|
||||
- Adds functionality to perform out-of-band one button secure erase
|
||||
operation for iLO5 based HPE Proliant servers as a ``management``
|
||||
clean step ``one_button_secure_erase`` for ``ilo5`` hardware type.
|
||||
upgrade:
|
||||
- The ``do_one_button_secure_erase`` interface of 'proliantutils' library has
|
||||
been enhanced to support out-of-band one button secure erase operation for
|
||||
``ilo5`` hardware type. To leverage this feature, the 'proliantutils'
|
||||
library needs to be upgraded to version '2.10.0'.
|