Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: c5a609e)
Ironic: configure disk erasing during cleaning
authorDmitry Tantsur <divius.inside@gmail.com>
Thu, 1 Sep 2016 13:17:33 +0000 (15:17 +0200)
committerDmitry Tantsur <divius.inside@gmail.com>
Fri, 2 Sep 2016 10:05:01 +0000 (12:05 +0200)
Cleaning is run before the first and between every deployments to ensure
that the node is in a clean state (hence its name). The most important
part of it is wiping the hard drive.

This change allows tuning this action. A new option IronicCleaningDiskErase
accepts the following options:
* full - for full cleaning with removing the data via ATA secure erase or shred
* metadata - for cleaning only partitioning table.
The third option "none" is suppored by Puppet but is not advertised here as
disabling disk wiping completely is known to cause bugs.

Note that the upstream Ironic default is a bit unfortunate: it enabled both
processes. We set the default to "full" which has the same effect, but is faster.

Change-Id: I46632f71f7ab63daac243acefa5166c58ca05da0
Partially-Implements: blueprint ironic-integration

puppet/services/ironic-conductor.yaml patch | blob | history

diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml
index e9b4da6..4b71ead 100644 (file)
--- a/puppet/services/ironic-conductor.yaml
+++ b/puppet/services/ironic-conductor.yaml
@@ -18,6 +18,12 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  IronicCleaningDiskErase:
+    default: 'full'
+    description: Type of disk cleaning before and between deployments,
+                 "full" for full cleaning, "metadata" to clean only disk
+                 metadata (partition table).
+    type: string
   IronicEnabledDrivers:
     default: ['pxe_ipmitool', 'agent_ipmitool']
     description: Enabled Ironic drivers
@@ -54,6 +60,7 @@ outputs:
           # FIXME: I have no idea why neutron_url is in "api" manifest
           - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]}
             ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]}
+            ironic::conductor::cleaning_disk_erase: {get_param: IronicCleaningDiskErase}
             ironic::conductor::enabled_drivers: {get_param: IronicEnabledDrivers}
             # We need an endpoint containing a real IP, not a VIP here
             ironic_conductor_http_host: {get_param: [ServiceNetMap, IronicNetwork]}