Volume Wiping¶
There are several ways to wipe a block storage device. The traditional way is
to set the lvm_type to thin, and then use the volume_clear
parameter. Alternatively, if the volume encryption feature is used, then
volume wiping is not necessary if the volume encryption key is deleted.
See the OpenStack Configuration Reference doc in the Volume Encryption
section for set up details and also the Castellan usage document
for key deletion.
Note
In older OpenStack releases, lvm_type=default was used to signify a
wipe. While this method still works, lvm_type=default is not
recommended for setting secure delete.
The volume_clear parameter can accept either zero or shred
arguments. The zero argument will write a single pass of zeroes to the
device. The shred argument will write three passes of predetermined bit
patterns.
For more information about the lvm_type parameter, see
the LVM Block Storage section
of OpenStack Configuration Reference and the Oversubscription in thin provisioning of OpenStack Administrator Guide.
For more information about the volume_clear parameter, see the
Block Storage sample configuration files
of OpenStack Configuration Reference.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.