Partitions are not properly wiped

Bug #1550604 reported by Gonéri Le Bouder on 2016-02-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ironic-lib
Fix Released
High
Gonéri Le Bouder

Bug Description

If the local disk has already a partition table, it must be clean up
before the disk is exposed through iscsi. Otherwise this disk partition
can create a conflict during the grub installation.

How reproducible:

1. Inject an image on the root disk, like for example ipxe.usb or ipxe.iso
2. Try to deploy a system on the node using Ironic
3. The node is properly deployed but the grub installation has failed
   with the following error:
     attempting to install grub to a disk with multiple partition labels

A simple sgdisk -Z /dev/vdX is not enough because grub-install will
inspect the disk and will still detect a remaining partition.

This commit makes use of the ironic-lib to do the clean up of the disk.
The review Id59fa5a06b9115c0f9afc09aae95daaac97e2fac is needed to

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1310883

bin Yu (froyo-bin) on 2016-02-29
Changed in ironic:
assignee: nobody → bin Yu (froyo-bin)
status: New → Confirmed
status: Confirmed → New
Dmitry Tantsur (divius) on 2016-02-29
summary: - no standard partition are not properly wiped
+ Partitions are not properly wiped
Changed in ironic:
status: New → Triaged
importance: Undecided → High
affects: ironic → ironic-lib
Gonéri Le Bouder (goneri) wrote :

How to reproduce the issue:

# fallocate -l 5G test.img
# losetup -f test.img /dev/loop0
# curl http://boot.ipxe.org/ipxe.iso > /dev/loop0
  % Total % Received % Xferd Average Speed Time Time Time Current
                                 Dload Upload Total Spent Left Speed
100 672k 100 672k 0 0 359k 0 0:00:01 0:00:01 --:--:-- 359k
# sgdisk -Z /dev/loop0
Creating new GPT entries.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot.
GPT data structures destroyed! You may now partition the disk using fdisk or
other utilities.
# grub2-install /dev/loop0
Installing for i386-pc platform.
grub2-install: warning: File system ‘iso9660’ doesn't support embedding.
grub2-install: error: embedding is not possible, but this is required for cross-disk install.

Changed in ironic-lib:
assignee: bin Yu (froyo-bin) → Gonéri Le Bouder (goneri)
status: Triaged → In Progress

Change abandoned by Gonéri Le Bouder (<email address hidden>) on branch: master
Review: https://review.openstack.org/285601

Reviewed: https://review.openstack.org/286283
Committed: https://git.openstack.org/cgit/openstack/ironic-lib/commit/?id=042aa9ab5a27e251c8fb2f1855695cf5e791ecf5
Submitter: Jenkins
Branch: master

commit 042aa9ab5a27e251c8fb2f1855695cf5e791ecf5
Author: Gonéri Le Bouder <email address hidden>
Date: Fri Feb 26 11:27:54 2016 -0500

    use wipefs to erase FS meta information

    destroy_disk_metadata should destroy a bit more data than expected if we
    want to be sure grub won't conflict with remaining bits of filesystem.
    grub probes the hard drive to find remaining partition or filesystem. If
    it find something, it will refuse to install itself on the disk.

    By using wipefs instead of dd, we not only erase the MBR and partition
    table but also all trace of filesystem, raid or partition-table signatures
    (magic strings). This without extra Python code.

    wipefs is part of util-linux which is available on all the Linux
    distribution.

    References:
    https://review.openstack.org/#/c/284347/
    https://bugzilla.redhat.com/show_bug.cgi?id=1310883
    Partial-Bug: 1550604

    Change-Id: I39637e22c344703ad48fc271f6f866aa018bbdd1

Jay Faulkner (jason-oldos) wrote :

As a note, this bug shouldn't impact operators with automated_clean set to True, as this would've been done before the node was eligible to be provisioned to.

This issue was fixed in the openstack/ironic 6.0.0 release.

Dmitry Tantsur (divius) wrote :

Hi! Is there anything left to fix here?

Changed in ironic-lib:
status: In Progress → Fix Released
Gonéri Le Bouder (goneri) wrote :

No, everything has been released.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.