diff options
| author | Pavlo Shchelokovskyy <pshchelokovskyy@mirantis.com> | 2017-06-01 09:35:28 +0300 |
|---|---|---|
| committer | Pavlo Shchelokovskyy <pshchelokovskyy@mirantis.com> | 2017-06-01 20:52:54 +0300 |
| commit | 892467dc9bc18a7174965484cd94fd7bd38cb5fd (patch) | |
| tree | 690895ab9e4c8fe4e6134549ca71472742b61cf8 /ironic/cmd | |
| parent | 82e8a40b932281701c5233fd0164300d28bc2f4c (diff) | |
| download | ironic-892467dc9bc18a7174965484cd94fd7bd38cb5fd.tar.gz | |
Move deploy_utils warnings to conductor start
make these checks once during conductor start after config was parsed.
This will prevent issuing those warnings on module imports.
Without it sphinx-build is broken when warnings are treated as failures.
Change-Id: I455bcc45edae82632aaf4eaebdcd597440d33ad3
Closes-Bug: #1694724
Diffstat (limited to 'ironic/cmd')
| -rw-r--r-- | ironic/cmd/conductor.py | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/ironic/cmd/conductor.py b/ironic/cmd/conductor.py index 208ceb0cb..6a8ddd41f 100644 --- a/ironic/cmd/conductor.py +++ b/ironic/cmd/conductor.py @@ -40,7 +40,7 @@ SECTIONS_WITH_AUTH = ( # TODO(pas-ha) remove this check after deprecation period -def _check_auth_options(conf): +def check_auth_options(conf): missing = [] for section in SECTIONS_WITH_AUTH: if not auth.load_auth(conf, section): @@ -59,6 +59,30 @@ def _check_auth_options(conf): link=link)) +def warn_about_unsafe_shred_parameters(conf): + iterations = conf.deploy.shred_random_overwrite_iterations + overwrite_with_zeros = conf.deploy.shred_final_overwrite_with_zeros + if iterations == 0 and overwrite_with_zeros is False: + LOG.warning('With shred_random_overwrite_iterations set to 0 and ' + 'shred_final_overwrite_with_zeros set to False, disks ' + 'may NOT be shredded at all, unless they support ATA ' + 'Secure Erase. This is a possible SECURITY ISSUE!') + + +def warn_about_missing_default_boot_option(conf): + if not conf.deploy.default_boot_option: + LOG.warning('The default value of default_boot_option ' + 'configuration will change eventually from ' + '"netboot" to "local". It is recommended to set ' + 'an explicit value for it during the transition period') + + +def issue_startup_warnings(conf): + check_auth_options(conf) + warn_about_unsafe_shred_parameters(conf) + warn_about_missing_default_boot_option(conf) + + def main(): # NOTE(lucasagomes): Safeguard to prevent 'ironic.conductor.manager' # from being imported prior to the configuration options being loaded. @@ -77,7 +101,7 @@ def main(): 'ironic.conductor.manager', 'ConductorManager') - _check_auth_options(CONF) + issue_startup_warnings(CONF) launcher = service.launch(CONF, mgr) launcher.wait() |