| socat_address = {% raw %}{{ api_interface_address }}{% endraw %} | ||
|
|
||
| [conductor] | ||
| automated_clean=true |
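Review bot: `automated_clean=true` under `[conductor]` is written without spaces around `=`, while `socat_address = ...` earlier in this hunk uses them; match the spacing used in the rest of the file. The option is also enabled without a comment saying which erase step is expected to run when a node is cleaned, so add a one-line comment or a pointer to the Ironic cleaning documentation next to it.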
I saw at some sites we have this cleaning tweak from the Ironic docs:
[deploy]/erase_devices_priority=0
[deploy]/erase_devices_metadata_priority=0
[conductor]/clean_step_priority_override=deploy.erase_devices_express:5
I know cleaning is very site specific. Probably safer to leave the above out and default to scrub. Perhaps worth linking to the Ironic Doc?
I would actually like our default to be fail if secure erase fails, with a note on how to work around that.
I explicitly set a value for erase_devices as the priority is dependent on the hardware manager in use. What do you think?
Coming back to this, I think we should move to erase_devices_express, now I understand it better. I think we need to make the default good out of the box with our pre-built IPA.
Express will fall back to metadata erase if hardware-assisted erase fails, i.e. it could leave data on the disk. Wouldn't it be better to default to a secure form of erasing, i.e. erase_devices? We'd then allow users to opt into a faster, potentially non-secure metadata erase if they accepted that security trade-off.
| heartbeat_interval = 30 | ||
| # Default is 60 seconds | ||
| heartbeat_timeout = 360 | ||
| sync_local_state_interval = 360 |
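Review bot: the comment `# Default is 60 seconds` sits between `heartbeat_interval = 30` and `heartbeat_timeout = 360`, so it is not clear which option's default it describes. Move it directly above the option it refers to and name that option in the comment; `sync_local_state_interval = 360` is also set without any note on its default or unit.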
I think there is a pthread config we can use here as well now?
This one:
# Run the health check heartbeat thread through a native
# python thread by default. If this option is equal to False
# then the health check heartbeat will inherit the execution
# model from the parent process. For example if the parent
# process has monkey patched the stdlib by using
# eventlet/greenlet then the heartbeat will be run through a
# green thread. This option should be set to True only for the
# wsgi services. (boolean value)
#heartbeat_in_pthread = false
I guess that should only be set on ironic-api. Were there some other tuning options too?
| [deploy] | ||
| shred_random_overwrite_iterations = 0 | ||
| shred_final_overwrite_with_zeros = false | ||
| continue_if_disk_secure_erase_fails = true |
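Review bot: `continue_if_disk_secure_erase_fails = true` is combined here with `shred_random_overwrite_iterations = 0` and `shred_final_overwrite_with_zeros = false`, so when secure erase fails the fallback is configured with no random passes and no zero pass, and cleaning still continues. Either set `continue_if_disk_secure_erase_fails = false` so that a failed secure erase fails the clean, or keep at least one overwrite pass, and add a comment stating the trade-off being accepted.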
Ah, @dougszumski this is part of what you were talking about?
cff7553 to f41358c
I've removed the bits that were flagged and have made pieces conditional on having Ironic enabled. Please review again 🙏

any chance we move forward on this?

@JohnGarbutt or @dougszumski Any chance you could re-review this? It looks like exactly the sort of opinionated defaults we should be setting in SKC, but I don't have the subject knowledge to review it myself

bump on that PR as it is very useful @jovial @dougszumski @JohnGarbutt - or we can build on top of #1729 @jackhodgkiss