Disk Sanitization Time?

There’s not much information out there regarding disk sanitization times, so I thought I’d share my experience. I had the privilege of sanitizing an old NetApp FAS2040A system running ONTAP 7.3.6 with 12 x 600GB 15k RPM SAS disk drives.

There are a couple of KBs on this:

And there is this communities post with useful information:

These were the timings for a sanitize to DoD (Department of Defense) standard -

disk sanitize start -c 3 DISK

- on 600GB 15k RPM SAS disks.

TIME = 9 hours, 4 minutes and 22 seconds

From the output of > rdfile /etc/log/messages:

Wed Jan 16 12:32:05 GMT [disk.failmsg:error]: Disk 0c.00.3 (...): message received.
Wed Jan 16 12:32:05 GMT [raid.disk.unload.done:info]: Unload of Disk 0c.00.3 Shelf 0 Bay 3 [NETAPP   X290_S15K7560A15 NA00] S/N [...] has completed successfully
...
Wed Jan 16 21:36:27 GMT [disk.sanit.complete:info]: Disk 0c.00.3 [S/N ...] has completed sanitization.
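
For anyone repeating this, kicking the job off against a batch of spares and then checking on progress looks like the below (-c 3 requests three cycles; the disk names here are just examples - yours will differ):

> disk sanitize start -c 3 0c.00.1 0c.00.2 0c.00.4
> disk sanitize status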


According to the communities post linked above, you can run sanitize on up to 100 disks at a time. You’ll have to run it at least twice, since the root disks also need to be sanitized (boot menu option 4a to re-initialize the system onto a different set of root disks.) For this system it took 3 visits to site to complete the work (alas, remote access was not possible) - a rough command sketch follows the list:

Day 1: Re-initialize and sanitize spare disks (cannot do root disks).
Day 2: Re-initialize and sanitize the disks we couldn’t do before.
Day 3: Final checks (“disk sanitize status”) to confirm all disks are wiped.
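
Very roughly, the visits map to commands like this (the disk lists are placeholders for whatever is spare/root on your system):

Day 1: > disk sanitize start -c 3 <all non-root disks>
Day 2: boot menu option 4a onto a new set of root disks, then > disk sanitize start -c 3 <the old root disks>
Day 3: > disk sanitize status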

Image: Hard Disk

Comments

  1. Indeed, there is not much info on Disk Sanitization. I have done this several times in the 7-mode era, and I have made the following notes for myself:

    - Disks to be sanitized must not be part of an aggregate; that is, they must be spare disks. Spare disks do not have to be zeroed up front. This also means that if you want to sanitize the disks with vol0 (on aggr0) you will need 2 passes: the first pass is to sanitize all disks except the aggr0 disks; the second is to create a new aggregate of 3 disks, move vol0 there, and then sanitize the original aggr0 disks. Or move the aggr0 disks to another system and sanitize them there.
    - After sanitization, you can release the disks using "disk sanitize release 0c.00.x"
    - After releasing sanitized disks, the disks are also unassigned from the controller. To use them again, use "disk assign 0c.00.x".
    - After assigning sanitized disks, ONTAP will mark those disks as broken, because sanitization also removes the disk label.
    - To make those disks usable again, you can unfail the disks and make them spare with the command "disk unfail -s 0c.00.x" in priv set advanced.
    - After unfailing the disks, you will have non-zeroed spare disks (because sanitization writes a random pattern to the disks a number of times). To zero them again, you can use "disk zero spares". The full put-back-into-service sequence is sketched below.
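
    Put together, with 0c.00.3 as an example disk, the sequence to return a sanitized disk to service looks like this:

    > disk sanitize release 0c.00.3
    > disk assign 0c.00.3
    > priv set advanced
    *> disk unfail -s 0c.00.3
    *> priv set admin
    > disk zero spares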

  2. I can't seem to find it documented anywhere within the NetApp docs, but by any chance do you know which ONTAP commands are affected once you enable "options licensed_feature.disk_sanitization.enable on" for each node in the cluster?

    I have 96 x 3.5TB SSDs and 96 x 3.7TB NL-SAS drives to completely sanitize in my customer's cluster. Any idea what kind of time this would take?

  3. In ONTAP 9.6 you can do sanitize in maintenance mode.
    https://docs.netapp.com/us-en/ontap/disks-aggregates/sanitize-disk-maintenance-mode-task.html
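
    Going by that doc, the flow is along these lines (*> is the maintenance-mode prompt; the disk name is a placeholder):

    *> disk sanitize start -c 3 0a.00.5
    *> disk sanitize status
    *> disk sanitize release 0a.00.5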

    The thing with SSDs is that not all SSDs support disk sanitize:
    https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Data_ONTAP_%22disk_sanitize%22_feature_has_certain_limitations_with_SSD

  4. Update:

    Very approximately, you can estimate the time for one cycle of sanitize by looking at the old disk zeroing times (my experience above is fairly faithful to this):

    https://kb.netapp.com/on-prem/ontap/OHW/OHW-KBs/How_long_does_it_approximately_take_for_disk_zeroing

    You cannot sanitize more than 100 disks per controller at a time (>100 disks will queue.)
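
    As a worked example from the post above: 9 hours 4 minutes for a -c 3 run works out at roughly 3 hours per cycle on a 600GB 15k SAS disk, so zeroing time per disk multiplied by the cycle count is a reasonable first estimate.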

