author Julia Kreger <juliaashleykreger@gmail.com> 2023-01-26 07:31:25 -0800
committer Julia Kreger <juliaashleykreger@gmail.com> 2023-01-27 10:08:52 -0800
commit 6ea38a47c50e8f05b87bd9f3af1b54e5db9e4cf4 (patch)
tree 387169275458c91c32bae7c181c6758e3b88418a
parent 8604a799aa2768b93e3826b1e2c8b543c355282c (diff)
download ironic-6ea38a47c50e8f05b87bd9f3af1b54e5db9e4cf4.tar.gz
[DOC] Set cleaning requirement with retirement
Per discussion in IRC, the retirement documentation sets forth an understanding that sensitive data will be removed from the baremetal node, however this is performed through cleaning which inherently sets forth a requirement in automated cleaning. Explicitly note, and provide options should an operator wish to utilize the feature.

Change-Id: I6755433b97cacd6ebf6a8f7eb5b404697e0a4349
-rw-r--r-- doc/source/admin/retirement.rst 21
1 files changed, 21 insertions, 0 deletions
diff --git a/doc/source/admin/retirement.rst b/doc/source/admin/retirement.rst
index e4884e0f4..aab307bac 100644
--- a/doc/source/admin/retirement.rst
+++ b/doc/source/admin/retirement.rst
@@ -23,6 +23,27 @@ scheduling of instances, but will still allow for other operations,
such as cleaning, to happen (this marks an important difference to
nodes which have the ``maintenance`` flag set).
+Requirements
+============
+
+The use of the retirement feature requires that automated cleaning
+be enabled. The default ``[conductor]automated_clean`` setting must
+not be disabled as the retirement feature is only engaged upon
+the completion of cleaning as it sets forth the expectation of removing
+sensitive data from a node.
+
+If you're uncomfortable with full cleaning, but want to make use of the
+the retirement feature, a compromise may be to explore use of metadata
+erasure, however this will leave additional data on disk which you may
+wish to erase completely. Please consult the configuration for the
+``[deploy]erase_devices_metadata_priority`` and
+``[deploy]erase_devices_priority`` settings, and do note that
+clean steps can be manually invoked through manual cleaning should you
+wish to trigger the ``erase_devices`` clean step to completely wipe
+all data from storage devices. Alternatively, automated cleaning can
+also be enabled on an individual node level using the
+``baremetal node set --automated-clean <node_id>`` command.
+
How to use
==========
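Review bot: The two new paragraphs contradict each other on what is actually required. The first says the default ``[conductor]automated_clean`` setting "must not be disabled", while the closing sentence of the second says automated cleaning "can also be enabled on an individual node level" with ``baremetal node set --automated-clean <node_id>``. Suggest stating the requirement once, in the first paragraph, as "automated cleaning must be enabled, either globally or on the node being retired", and moving the per-node command up beside it. Where it sits now, "Alternatively" reads as an alternative to metadata erasure rather than to the global setting. The metadata-erasure compromise also names ``[deploy]erase_devices_metadata_priority`` and ``[deploy]erase_devices_priority`` without saying what to set them to. An operator relying on retirement to remove sensitive data needs the concrete values, plus a plain statement that metadata erasure alone leaves the data itself on disk until ``erase_devices`` is run. Two wording nits: "make use of the" / "the retirement feature" repeats "the" across the line break, and the "as ... as it sets forth" sentence in the first paragraph is hard to parse and would read better split in two.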