no-wait-for-wipe?
45 views
Skip to first unread message
Daniel Howard
Jan 25, 2024, 1:40:13 PMJan 25
to Ganeti Users list
Per some good advice from this list, I enabled prealloc-wipe-disks at the cluster level.
But that slows down instance allocation.
We do gnt-instance add --no-wait-for-sync, which skips waiting for their DRBD disks to sync. Is there a similar option to not block while wiping the disks?
I suspect the answer is that we may want to set prealloc-wipe-disks only on clusters where required by security policies.
Thanks,
-danny
Rudolph Bott
Jan 26, 2024, 1:59:39 AMJan 26
to gan...@googlegroups.com
Hi Daniel,
not that I know - since the wiping has to be finished before you write anything new to disk I would also not know how to implement that in a safe way :-) If you e.g. create a partition table and a filesystem which spreads out information across the entire partition upon formatting while the wiping process is still in progress, you might end up with the parts wiped that mkfs et all just wrote on disk.
Regards,
Rudi
--
You received this message because you are subscribed to the Google Groups "ganeti" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ganeti+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ganeti/CAKU%3DtE-yn5LDpJmAki0A%3D91QoSGz6F%3DS7E5fn8zF4jrHDHtEsQ%40mail.gmail.com.
--
Rudolph Bott - bo...@sipgate.de
Telefon: +49 (0)211-63 55 55-55
Telefax: +49 (0)211-63 55 55-22
sipgate GmbH - Gladbacher Str. 74 - 40219 Düsseldorf
HRB Düsseldorf 39841 - Geschäftsführer: Thilo Salmon, Tim Mois
Steuernummer: 106/5724/7147, Umsatzsteuer-ID: DE219349391
Daniel Howard
Jan 26, 2024, 1:56:03 PMJan 26
to gan...@googlegroups.com
On Thu, Jan 25, 2024 at 10:59 PM 'Rudolph Bott' via ganeti <gan...@googlegroups.com> wrote:
Hi Daniel,not that I know - since the wiping has to be finished before you write anything new to disk I would also not know how to implement that in a safe way :-) If you e.g. create a partition table and a filesystem which spreads out information across the entire partition upon formatting while the wiping process is still in progress, you might end up with the parts wiped that mkfs et all just wrote on disk.
Thanks, Rudy. FWIW, we did a policy fix: in more sensitive environments, we will wipe, per policy. In less sensitive environments, which tend to have slower hardware, we won't wipe.
I think one could substantially fulfill the objective of a wiped disk by kicking off something like dd if=/dev/zero of=/tmp/full ; rm /tmp/full as a part of the VM host bootstrap process. Since we don't commission VMs often, there's little expectation of rapid availability, so the more robust "wait for ganeti to wipe a VM during creation" is fine for us.
Cheers,
-danny
Reply all
Reply to author
Forward
0 new messages