Re: Virtualization and LVM data security


 



On 24.10.2014 at 19:30, IB Development Team wrote:
Hello,

Is there any way to make LVM2 tools wipe added/freed LV space or plans to add
such functionality?


lvm.conf    devices { issue_discards = 1 }

See if that fits your need?
Note: when using this option, vg/lvremove becomes an 'irreversible' operation.

When LVM-based storage is used for guest virtual disks, it is possible that
after resizing/snapshotting an LV, disk data fragments from one guest will be
visible to another guest, which may cause serious security problems if not wiped
somehow; some pages with more info on this topic:

http://blog.brightbox.co.uk/posts/secure-virtual-disk-deletion-is-your-data-safe
http://brightbox.com/blog/2012/04/27/dirty-disks/
http://docs.openstack.org/security-guide/content/ch046_data-residency.html

Don't know LVM2 internals well, but if there is no such functionality in LVM2
now, maybe adding options like --wipe and --wipe-bandwidth (to allow one to
control I/O load while wiping) for create/resize/remove/snapshot commands (and
others maybe, if such a risk exists there) will be possible in future LVM versions
to better meet security requirements in virtualized environments?

Thin provisioning with zeroing enabled for the thin-pool (-Zy) is likely a better option.

There is no extra utility like 'fstrim' for empty space in a volume group.

Note: you could obviously implement a 'workaround', something like:

lvcreate -l100%FREE -n trim_me vg
blkdiscard /dev/vg/trim_me
(or if disk doesn't support TRIM -   dd if=/dev/zero of=/dev/vg/trim_me....)
lvremove vg/trim_me

Zdenek

_______________________________________________
linux-lvm mailing list
linux-lvm@redhat.com
https://www.redhat.com/mailman/listinfo/linux-lvm
read the LVM HOW-TO at http://tldp.org/HOWTO/LVM-HOWTO/
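
The workaround from the reply above, as an added shell example (not code from the thread or from the LVM project) that also reads the scratch LV back to confirm it is zeroed, since a discard does not by itself guarantee zeros on read. The function names are assumptions of this example; `trim_me` is the scratch LV name used in the thread, and the dd options are this example's choice.

```sh
#!/bin/sh
# Added example, not from the thread. Run as root against a real VG.

# dev_size PATH: size in bytes of a block device or regular file.
dev_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        echo $(( $(wc -c < "$1") ))
    fi
}

# is_zeroed PATH: status 0 only if every byte of PATH reads back as zero,
# 1 if leftover data is readable, 2 if the size is zero or PATH is unreadable.
is_zeroed() {
    local size
    size=$(dev_size "$1") || return 2
    [ "$size" -gt 0 ] || return 2
    head -c "$size" /dev/zero | cmp -s - "$1"
}

# wipe_and_verify PATH: try a discard first; if stale data is still readable
# (no TRIM support, or the device does not return zeros after discard),
# overwrite exactly the device's size with zeros, then read it back.
wipe_and_verify() {
    local dev="$1" size
    size=$(dev_size "$dev") || return 2
    blkdiscard "$dev" 2>/dev/null || true
    if ! is_zeroed "$dev"; then
        head -c "$size" /dev/zero |
            dd of="$dev" bs=1M conv=notrunc,fsync 2>/dev/null || return 1
    fi
    is_zeroed "$dev"
}

# scrub_vg_free VG: the thread's lvcreate/lvremove pair around the verified wipe.
# While trim_me exists the VG has no free extents, so other allocations fail.
scrub_vg_free() {
    local vg="$1" rc=0
    lvcreate -l100%FREE -n trim_me "$vg" || return 1
    wipe_and_verify "/dev/$vg/trim_me" || rc=$?
    lvremove "$vg/trim_me" || return 1
    return "$rc"
}
```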



