Support #61596
closedhow to secure delete rbd
0%
Description
ceph 14.2.22
I make only one osd in ceph cluster for better to test.ceph osd tree is below:
root@node1:~# ceph osd tree
ID CLASS WEIGHT TYPE NAME STATUS REWEIGHT PRI-AFF
-1 0.00189 root default
-13 0.00189 datacenter datacenter01
-12 0.00189 room room01
-11 0.00189 rack rack01
-9 0.00189 host node1
1 hdd 0.00189 osd.1 up 1.00000 1.00000
ceph osd df is:
ID CLASS WEIGHT REWEIGHT SIZE RAW USE DATA OMAP META AVAIL %USE VAR PGS STATUS
1 hdd 0.00189 1.00000 2.0 GiB 1.0 GiB 20 MiB 0 B 1 GiB 1000 MiB 51.10 1.00 32 up
TOTAL 2.0 GiB 1.0 GiB 20 MiB 0 B 1 GiB 1000 MiB 51.10
MIN/MAX VAR: 1.00/1.00 STDDEV: 0
when I create a rbd and map it, mkfs.ext4 and write a testfile with 22222222222222222,then rm the rbd. I can still read 2222222 from the osd disk, that means the rbd not secure delete.
the whole test way is:
1. create a rbd and map, write a file with 2222222222222222222222222222222222222222222222222222222222222222222222222222222222222222.
2. use dd and hexdump to read data in osd disk.
root@node1:~# dd if=/dev/sdd of=/tmp/outputfile_osd
4194304+0 records in
4194304+0 records out
2147483648 bytes (2.1 GB, 2.0 GiB) copied, 18.906 s, 114 MB/s
root@node1:~# hexdump -C /tmp/outputfile_osd > /tmp/readablefile_osd
3. search 22222222222 in /tmp/readablefile_osd.
*
208ceef0 00 00 00 f0 ff 01 0a 4c 00 00 00 00 00 00 00 01 |.......L........|
208cef00 12 a7 20 01 01 21 10 00 00 12 01 00 00 00 00 00 |.. ..!..........|
208cef10 00 01 00 00 00 01 01 0b 10 00 00 01 01 26 f8 03 |.............&..|
208cef20 00 07 00 10 00 00 32 32 32 32 32 32 32 32 32 32 |......2222222222|
208cef30 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 |2222222222222222|
*
208ceff0 32 32 32 32 32 32 32 32 32 32 32 32 32 0a 00 00 |2222222222222...|
208cf000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4.search 22222222222 in /tmp/readablefile_osd after rm the rbd.
*
208ceef0 00 00 00 f0 ff 01 0a 4c 00 00 00 00 00 00 00 01 |.......L........|
208cef00 12 a7 20 01 01 21 10 00 00 12 01 00 00 00 00 00 |.. ..!..........|
208cef10 00 01 00 00 00 01 01 0b 10 00 00 01 01 26 f8 03 |.............&..|
208cef20 00 07 00 10 00 00 32 32 32 32 32 32 32 32 32 32 |......2222222222|
208cef30 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 32 |2222222222222222|
*
208ceff0 32 32 32 32 32 32 32 32 32 32 32 32 32 0a 00 00 |2222222222222...|
208cf000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
question: As bluestore will allocate new block for big write, write rbd with dd or fio can't overwrite the original data block, so how to secure delete rbd data.