Recently a customer needed to automatically wipe the disks on hundreds of HP blades that were being returned on lease. To facilitate this HiperLogic created a custom boot Linux CD to wipe the disks that had the following features:
1. Re-configured the RAID from STRIPED to MIRRORED to 1/2 the wiping time.
2. Wiped the disks using the linux shred utility without user intervention.
3. Halted the machine on completion.
This CD is easily mounted across all blades in the chassis via the USB media. A custom solution was developed as some of the popular free wipe utilities were too old to support the latest HP blades.
Here is the guide to creating your own:
Building the SLAX ISO IMAGE
SLAX was chosen because it was simple, had the shred utility installed, and had all the linux drivers needed out of the box. These same principles could be applied to your distro of choice.
Step 1. Download the SLAX iso image, then do the following:
mount -o loop slax-6.1.2.iso /mnt/loop cp -a /mnt/loop /tmp/slax cd /tmp/slax
Step 2. Create the following inside the slax directory :
The contents of this file are like below:
# cat rootcopy/etc/rc.d/rc.local
#!/bin/sh nohup /usr/local/sbin/shredit &
#!/bin/sh #delete the existing RAID 0 array. This command is specific to your layout. echo "Y" | /opt/compaq/hpacucli/bld/hpacucli ctrl slot=0 ld 1 delete #create a RAID 1 array. This command is specific to your layout /opt/compaq/hpacucli/bld/hpacucli ctrl slot=0 create type=ld raid=1 #This says do a one pass overwrite of the device with random data, then follow up with a zero write pass. shred -n 1 -z -v /dev/cciss/c0d0 #Now halt after completion halt
Download and install the HP hpacucli RPM. This utility is used to re-create the RAID0 raid to RAID1 to speed up the wipe. SLAX isn’t RPM based, but you can use rpm2cpio on another box to get a CPIO archive to install.
Step 4. Create the ISO
Now just run the
command included with SLAX to build your custom ISO image. Assuming you called it shred.iso, follow the instructions below to mount it on the blades.
Automatically mounting the ISO on the blades
There are a couple ways to mount the ISO image, if you have the ILO Advanced Pack you can use the following method:
Use RIBCL in the OA to download and mount the ISO as a virtual CD drive for one time nooy
1. Put the ISO image somewhere on a webserver on your network.
2. Create this XML in a text file which we will use in the next step via copy/paste, replacing the myloginhere and mypassword here with your admin credentials for the Onboard Administrator (OA). This will mount the shred.iso via http, and configure the blade for a one time boot into this ISO image.
<RIBCL VERSION="2.0"> <LOGIN USER_LOGIN="myloginhere" PASSWORD="mypasswordhere"> <RIB_INFO MODE="write"> <INSERT_VIRTUAL_MEDIA DEVICE="CDROM" IMAGE_URL="http://someipaddresshere/shred.iso"/> <SET_VM_STATUS DEVICE="CDROM"> <VM_BOOT_OPTION VALUE="BOOT_ONCE"/> <VM_WRITE_PROTECT VALUE="YES" /> </SET_VM_STATUS> </RIB_INFO> </LOGIN> </RIBCL>
Now copy the above lines, SSH to the OA in the chassis and then type ONE of the following examples depending if you want to shred ALL blades, one blade, or a range of blades.
Applies to All blades in chassis. | is the termination character
HPONCFG ALL << |
Applies to Bay 1 only
HPONCFG 1 << |
Applies to Bays 1 through 8
HPONCFG 1-8 << |
Applies to Bays 1, 2, 9 and 10
HPONCFG 1,2,9,10 << |
Now PASTE the XML we copied in the previous step after this.
Finally just type
on a line by itself and hit enter to execute the XML string.
Boot the ISO off of a USB key in the OA
The second option works with standard ILO but you need to do the following:
1. Copy the ISO image to a USB key, you should see the file shred.iso on the USB key. The OA will show all files with .ISO to mount.
2. Insert the ISO image into the OA of the chassis
3. Go to the OA web page, go to Enclosure Settings and then DVD drive
4. Mount the image on the blade(s) like in the screenshot below:
After you power on the blade, it will begin the wiping proceses. It took about 3 hours for the wipe to complete, with each blade having dual 72GB 15k SAS drives. Once the wipe is complete, the blades will shut down.