[openstack-dev] Proposal for dd disk i/o performance blueprint of cinder.

Chris Friesen chris.friesen at windriver.com
Thu Jan 16 15:15:18 UTC 2014


On 01/15/2014 11:25 PM, Clint Byrum wrote:
> Excerpts from Alan Kavanagh's message of 2014-01-15 19:11:03 -0800:
>> Hi Paul
>>
>> I posted a query to Ironic which is related to this discussion. My thinking was I want to ensure the case you note here (1) " a tenant can not read another tenants disk......" the next (2) was where in Ironic you provision a baremetal server that has an onboard dish as part of the blade provisioned to a given tenant-A. then when tenant-A finishes his baremetal blade lease and that blade comes back into the pool and tenant-B comes along, I was asking what open source tools guarantee data destruction so that no ghost images  or file retrieval is possible?
>>
>
> Is that really a path worth going down, given that tenant-A could just
> drop evil firmware in any number of places, and thus all tenants afterward
> are owned anyway?

Ooh, nice one! :)

I suppose the provider could flash to known-good firmware for all 
firmware on the device in between leases.

Chris




More information about the OpenStack-dev mailing list