OOB one button secure erase for iLO5 based HPE Proliant servers.

This commit adds functionality to perform out-of-band one button
secure erase for iLO5 based HPE Proliant servers. Using this a
user can securely erase the whole system. It includes deleting
any deployment settings profiles, all licenses, Active Health
System (AHS) and warranty data stored there, reseting BIOS and
erasing supported non-volatile storage data.

Change-Id: I2f46a67580e8a607a91a3f6660feb85ed1827dc8
Story: #2007964
Task: #40458
This commit is contained in:
kesper 2020-07-30 06:24:38 +00:00
parent 99e8fc9810
commit 9fb4074bfe
5 changed files with 134 additions and 5 deletions

View File

@ -61,6 +61,7 @@ features:
* `Out of Band RAID Support`_ * `Out of Band RAID Support`_
* `Out of Band Sanitize Disk Erase Support`_ * `Out of Band Sanitize Disk Erase Support`_
* `Out of Band One Button Secure Erase Support`_
Hardware interfaces Hardware interfaces
^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^
@ -2008,9 +2009,57 @@ The default erase pattern are, for HDD, 'overwrite' and for SSD, 'block'.
9 hours and 300GB SSD with default pattern "block" would take approx. 30 9 hours and 300GB SSD with default pattern "block" would take approx. 30
seconds to complete the erase. seconds to complete the erase.
Out of Band One Button Secure Erase Support
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
With Gen10 HPE Proliant servers which have been updated with SPP version 2019.03.0
or later the ``ilo5`` hardware type supports firmware based one button secure erase
as a clean step.
The One Button Secure Erase resets iLO and deletes all licenses stored there, resets
BIOS settings, and deletes all Active Health System (AHS) and warranty data stored on
the system. It also erases supported non-volatile storage data and deletes any
deployment settings profiles. See `HPE Gen10 Security Reference Guide`_ for more
information.
Below are the steps to perform this clean step:
* Perform the cleaning using 'one_button_secure_erase' clean step
.. code-block:: console
openstack baremetal node clean test_node --clean-steps\
'[{"interface": "management", "step": "one_button_secure_erase"}]'
* Once the clean step would triggered and node go to 'clean wait' state and
'maintenance' flag on node would be set to 'True', then delete the node
.. code-block:: console
openstack baremetal node delete test_node
.. note::
* Even after deleting the node, One Button Secure Erase operation would continue
on the node.
* This clean step should be kept last if the multiple clean steps are to be executed.
No clean step after this step would be executed.
* One Button Secure Erase should be used with extreme caution, and only when a system
is being decommissioned. During the erase the iLO network would keep disconnecting
and after the erase user will completly lose iLO access along with the credentials
of the server, which needs to be regained by the administrator. The process can take
up to a day or two to fully erase and reset all user data.
* When you activate One Button Secure Erase, iLO 5 does not allow firmware update
or reset operations.
.. note::
Do not perform any iLO 5 configuration changes until this process is completed.
.. _`ssacli documentation`: https://support.hpe.com/hpsc/doc/public/display?docId=c03909334 .. _`ssacli documentation`: https://support.hpe.com/hpsc/doc/public/display?docId=c03909334
.. _`proliant-tools`: https://docs.openstack.org/diskimage-builder/latest/elements/proliant-tools/README.html .. _`proliant-tools`: https://docs.openstack.org/diskimage-builder/latest/elements/proliant-tools/README.html
.. _`HPE iLO4 User Guide`: https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=c03334051 .. _`HPE iLO4 User Guide`: https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=c03334051
.. _`HPE Gen10 Security Reference Guide`: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00018320en_us
.. _`iLO 4 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html .. _`iLO 4 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html
.. _`iLO 5 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html#innovations .. _`iLO 5 management engine`: https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html#innovations
.. _`Redfish`: https://www.dmtf.org/standards/redfish .. _`Redfish`: https://www.dmtf.org/standards/redfish

View File

@ -4,7 +4,7 @@
# python projects they should package as optional dependencies for Ironic. # python projects they should package as optional dependencies for Ironic.
# These are available on pypi # These are available on pypi
proliantutils>=2.9.5 proliantutils>=2.10.0
pysnmp>=4.3.0,<5.0.0 pysnmp>=4.3.0,<5.0.0
python-scciclient>=0.8.0 python-scciclient>=0.8.0
python-dracclient>=3.1.0,<5.0.0 python-dracclient>=3.1.0,<5.0.0

View File

@ -792,9 +792,6 @@ class Ilo5Management(IloManagement):
task.node.save() task.node.save()
def _set_clean_failed(self, task, msg): def _set_clean_failed(self, task, msg):
LOG.error("Out-of-band sanitize disk erase job failed for node "
"%(node)s. Message: '%(message)s'.",
{'node': task.node.uuid, 'message': msg})
task.node.last_error = msg task.node.last_error = msg
task.process_event('fail') task.process_event('fail')
@ -927,9 +924,43 @@ class Ilo5Management(IloManagement):
LOG.info("No drive found to perform out-of-band sanitize " LOG.info("No drive found to perform out-of-band sanitize "
"disk erase for node %(node)s", {'node': node.uuid}) "disk erase for node %(node)s", {'node': node.uuid})
except ilo_error.IloError as ilo_exception: except ilo_error.IloError as ilo_exception:
LOG.error("Out-of-band sanitize disk erase job failed for node "
"%(node)s. Message: '%(message)s'.",
{'node': task.node.uuid, 'message': ilo_exception})
self._pop_driver_internal_values(task, self._pop_driver_internal_values(task,
'ilo_disk_erase_hdd_check', 'ilo_disk_erase_hdd_check',
'ilo_disk_erase_ssd_check', 'ilo_disk_erase_ssd_check',
'cleaning_reboot', 'cleaning_reboot',
'skip_current_clean_step') 'skip_current_clean_step')
self._set_clean_failed(task, ilo_exception) self._set_clean_failed(task, ilo_exception)
@base.clean_step(priority=0, abortable=False)
def one_button_secure_erase(self, task):
"""Erase the whole system securely.
The One-button secure erase process resets iLO and deletes all licenses
stored there, resets BIOS settings, and deletes all Active Health
System (AHS) and warranty data stored on the system. It also erases
supported non-volatile storage data and deletes any deployment settings
profiles.
:param task: a TaskManager instance.
:raises: IloError on an error from iLO.
"""
node = task.node
LOG.info("Calling one button secure erase for node %(node)s",
{'node': node.uuid})
try:
ilo_object = ilo_common.get_ilo_object(node)
ilo_object.do_one_button_secure_erase()
manager_utils.node_power_action(task, states.REBOOT)
node.maintenance = True
node.maintenance_reason = (
"Running one button secure erase clean step.")
node.save()
return states.CLEANWAIT
except ilo_error.IloError as ilo_exception:
LOG.error("One button secure erase job failed for node "
"%(node)s. Message: '%(message)s'.",
{'node': task.node.uuid, 'message': ilo_exception})
self._set_clean_failed(task, ilo_exception)

View File

@ -1669,11 +1669,12 @@ class Ilo5ManagementTestCase(db_base.DbTestCase):
task.driver.management.erase_devices, task.driver.management.erase_devices,
task, erase_pattern={'ssd': 'xyz'}) task, erase_pattern={'ssd': 'xyz'})
@mock.patch.object(ilo_management.LOG, 'error', autospec=True)
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True) @mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
@mock.patch.object(ilo_management.Ilo5Management, '_set_clean_failed', @mock.patch.object(ilo_management.Ilo5Management, '_set_clean_failed',
autospec=True) autospec=True)
def test_erase_devices_hdd_ilo_error(self, set_clean_failed_mock, def test_erase_devices_hdd_ilo_error(self, set_clean_failed_mock,
ilo_mock): ilo_mock, log_mock):
ilo_mock_object = ilo_mock.return_value ilo_mock_object = ilo_mock.return_value
ilo_mock_object.get_available_disk_types.return_value = ['HDD'] ilo_mock_object.get_available_disk_types.return_value = ['HDD']
exc = ilo_error.IloError('error') exc = ilo_error.IloError('error')
@ -1691,5 +1692,43 @@ class Ilo5ManagementTestCase(db_base.DbTestCase):
task.node.driver_internal_info) task.node.driver_internal_info)
self.assertNotIn('skip_current_clean_step', self.assertNotIn('skip_current_clean_step',
task.node.driver_internal_info) task.node.driver_internal_info)
self.assertTrue(log_mock.called)
set_clean_failed_mock.assert_called_once_with( set_clean_failed_mock.assert_called_once_with(
mock.ANY, task, exc) mock.ANY, task, exc)
@mock.patch.object(manager_utils, 'node_power_action', autospec=True)
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
def test_one_button_secure_erase(self, ilo_mock, mock_power):
ilo_mock_object = ilo_mock.return_value
self.node.clean_step = {'step': 'one_button_secure_erase',
'interface': 'management'}
self.node.save()
with task_manager.acquire(self.context, self.node.uuid,
shared=False) as task:
result = task.driver.management.one_button_secure_erase(task)
self.assertTrue(
ilo_mock_object.do_one_button_secure_erase.called)
self.assertEqual(states.CLEANWAIT, result)
mock_power.assert_called_once_with(task, states.REBOOT)
self.assertEqual(task.node.maintenance, True)
@mock.patch.object(ilo_management.LOG, 'error', autospec=True)
@mock.patch.object(ilo_common, 'get_ilo_object', autospec=True)
@mock.patch.object(ilo_management.Ilo5Management, '_set_clean_failed',
autospec=True)
def test_one_button_secure_erase_ilo_error(
self, set_clean_failed_mock, ilo_mock, log_mock):
ilo_mock_object = ilo_mock.return_value
self.node.clean_step = {'step': 'one_button_secure_erase',
'interface': 'management'}
self.node.save()
exc = ilo_error.IloError('error')
ilo_mock_object.do_one_button_secure_erase.side_effect = exc
with task_manager.acquire(self.context, self.node.uuid,
shared=False) as task:
task.driver.management.one_button_secure_erase(task)
set_clean_failed_mock.assert_called_once_with(mock.ANY,
task, exc)
self.assertTrue(
ilo_mock_object.do_one_button_secure_erase.called)
self.assertTrue(log_mock.called)

View File

@ -0,0 +1,10 @@
---
features:
- Adds functionality to perform out-of-band one button secure erase
operation for iLO5 based HPE Proliant servers as a ``management``
clean step ``one_button_secure_erase`` for ``ilo5`` hardware type.
upgrade:
- The ``do_one_button_secure_erase`` interface of 'proliantutils' library has
been enhanced to support out-of-band one button secure erase operation for
``ilo5`` hardware type. To leverage this feature, the 'proliantutils'
library needs to be upgraded to version '2.10.0'.