diff options
author | Dmitry Tantsur <divius.inside@gmail.com> | 2016-09-01 15:17:33 +0200 |
---|---|---|
committer | Dmitry Tantsur <divius.inside@gmail.com> | 2016-09-02 12:05:01 +0200 |
commit | e2d5bbc41e3e7ab4952dab55094c88933d4b7143 (patch) | |
tree | 553dda49f4db67cd4c617a29447a77aae88173da | |
parent | c5a609eeefee26ad06c359f4d1aa75c8fdba8205 (diff) |
Ironic: configure disk erasing during cleaning
Cleaning is run before the first and between every deployments to ensure
that the node is in a clean state (hence its name). The most important
part of it is wiping the hard drive.
This change allows tuning this action. A new option IronicCleaningDiskErase
accepts the following options:
* full - for full cleaning with removing the data via ATA secure erase or shred
* metadata - for cleaning only partitioning table.
The third option "none" is suppored by Puppet but is not advertised here as
disabling disk wiping completely is known to cause bugs.
Note that the upstream Ironic default is a bit unfortunate: it enabled both
processes. We set the default to "full" which has the same effect, but is faster.
Change-Id: I46632f71f7ab63daac243acefa5166c58ca05da0
Partially-Implements: blueprint ironic-integration
-rw-r--r-- | puppet/services/ironic-conductor.yaml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index e9b4da6f..4b71ead0 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -18,6 +18,12 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + IronicCleaningDiskErase: + default: 'full' + description: Type of disk cleaning before and between deployments, + "full" for full cleaning, "metadata" to clean only disk + metadata (partition table). + type: string IronicEnabledDrivers: default: ['pxe_ipmitool', 'agent_ipmitool'] description: Enabled Ironic drivers @@ -54,6 +60,7 @@ outputs: # FIXME: I have no idea why neutron_url is in "api" manifest - ironic::api::neutron_url: {get_param: [EndpointMap, NeutronInternal, uri]} ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} + ironic::conductor::cleaning_disk_erase: {get_param: IronicCleaningDiskErase} ironic::conductor::enabled_drivers: {get_param: IronicEnabledDrivers} # We need an endpoint containing a real IP, not a VIP here ironic_conductor_http_host: {get_param: [ServiceNetMap, IronicNetwork]} |