[openstack-dev] Proposal for dd disk i/o performance blueprint of cinder.
Chris Friesen
chris.friesen at windriver.com
Thu Jan 16 15:15:18 UTC 2014
On 01/15/2014 11:25 PM, Clint Byrum wrote:
> Excerpts from Alan Kavanagh's message of 2014-01-15 19:11:03 -0800:
>> Hi Paul
>>
>> I posted a query to Ironic which is related to this discussion. My thinking was I want to ensure the case you note here (1) " a tenant can not read another tenants disk......" the next (2) was where in Ironic you provision a baremetal server that has an onboard dish as part of the blade provisioned to a given tenant-A. then when tenant-A finishes his baremetal blade lease and that blade comes back into the pool and tenant-B comes along, I was asking what open source tools guarantee data destruction so that no ghost images or file retrieval is possible?
>>
>
> Is that really a path worth going down, given that tenant-A could just
> drop evil firmware in any number of places, and thus all tenants afterward
> are owned anyway?
Ooh, nice one! :)
I suppose the provider could flash to known-good firmware for all
firmware on the device in between leases.
Chris
More information about the OpenStack-dev
mailing list