[openstack-dev] Is there any way I can completely erase all the data when deleting a cinder volume
Duncan Thomas
duncan.thomas at gmail.com
Wed Nov 18 13:21:38 UTC 2015
For the LVM and raw block device drivers, there is already an option to do
that - set volume_clear to 'zero' in cinder.conf
If you want this for other drivers, then the code could easily be adopted,
however I would question whether it is a good idea - the I/O load of
zeroing out volumes is very large, and can easily overshadow the other I/O
on the system significantly.
If you are using the LVM driver, I'd suggest investigating the thin
provisioning options, since they provide similar levels of tenant security
(though not disk disposal security) with far better performance.
On 18 November 2015 at 10:03, Young Yang <afe.young at gmail.com> wrote:
>
> There are some sensitive data in my volume.
> I hope openstack can completely erase all the data (e.g. overwrite the
> whole volume will 0 bits) when deleting a cinder volume.
>
> I plan to write some code to make Openstack to mount that volume and
> rewrite the whole volume with 0 bits.
>
> But I'm wondering if there is any better way to accomplish that.
>
> Thanks in advance! :)
>
>
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
--
--
Duncan Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151118/4549b0ec/attachment.html>
More information about the OpenStack-dev
mailing list