ScaleIO: Prevent usage of unsafe volumes
It is possible for thick volumes, created from storage pools which have zero-padding disabled, to contain previous data. This change prevents these volumes from being created by default. A user can override this behavior by acknowledging the possibility with a configuration option. Change-Id: I62f8f48b1624fc9abb7427bd4ca51f7873d35b96 Closes-bug: #1699573
parent
04fc01bb32
commit
7feb62197d
@ -101,7 +101,13 @@ scaleio_opts = [
|
|||||||
'driver. This replaces the general '
|
'driver. This replaces the general '
|
||||||
'max_over_subscription_ratio which has no effect '
|
'max_over_subscription_ratio which has no effect '
|
||||||
'in this driver.'
|
'in this driver.'
|
||||||
'Maximum value allowed for ScaleIO is 10.0.')
|
'Maximum value allowed for ScaleIO is 10.0.'),
|
||||||
|
cfg.BoolOpt('sio_allow_non_padded_thick_volumes',
|
||||||
|
default=False,
|
||||||
|
help='Allow thick volumes to be created in Storage Pools '
|
||||||
|
'when zero padding is disabled. This option should '
|
||||||
|
'not be enabled if multiple tenants will utilize '
|
||||||
|
'thick volumes from a shared Storage Pool.'),
|
||||||
]
|
]
|
||||||
|
|
||||||
CONF.register_opts(scaleio_opts, group=configuration.SHARED_CONF_GROUP)
|
CONF.register_opts(scaleio_opts, group=configuration.SHARED_CONF_GROUP)
|
||||||
@ -481,6 +487,38 @@ class ScaleIODriver(driver.VolumeDriver):
|
|||||||
{'id': id, 'name': encoded_name})
|
{'id': id, 'name': encoded_name})
|
||||||
return encoded_name
|
return encoded_name
|
||||||
|
|
||||||
|
def _is_volume_creation_safe(self,
|
||||||
|
protection_domain,
|
||||||
|
storage_pool,
|
||||||
|
provision_type):
|
||||||
|
"""Checks if volume creation is safe or not
|
||||||
|
|
||||||
|
using thick volumes with zero padding disabled can lead
|
||||||
|
to existing data being read off of a newly created volume
|
||||||
|
"""
|
||||||
|
# if we have been told to allow unsafe volumes
|
||||||
|
if self.configuration.sio_allow_non_padded_thick_volumes:
|
||||||
|
return True
|
||||||
|
|
||||||
|
# all thin volumes are safe
|
||||||
|
if provision_type == 'ThinProvisioned':
|
||||||
|
return True
|
||||||
|
|
||||||
|
try:
|
||||||
|
properties = self._get_storage_pool_properties(protection_domain,
|
||||||
|
storage_pool)
|
||||||
|
padded = properties['zeroPaddingEnabled']
|
||||||
|
except Exception:
|
||||||
|
msg = (_("Unable to retrieve properties for pool, %(pool)s") %
|
||||||
|
{'pool': storage_pool})
|
||||||
|
raise exception.InvalidInput(reason=msg)
|
||||||
|
|
||||||
|
# zero padded storage pools are safe
|
||||||
|
if padded:
|
||||||
|
return True
|
||||||
|
# if we got here, it's unsafe
|
||||||
|
return False
|
||||||
|
|
||||||
def create_volume(self, volume):
|
def create_volume(self, volume):
|
||||||
"""Creates a scaleIO volume."""
|
"""Creates a scaleIO volume."""
|
||||||
self._check_volume_size(volume.size)
|
self._check_volume_size(volume.size)
|
||||||
@ -560,6 +598,23 @@ class ScaleIODriver(driver.VolumeDriver):
|
|||||||
else:
|
else:
|
||||||
provisioning = "ThickProvisioned"
|
provisioning = "ThickProvisioned"
|
||||||
|
|
||||||
|
allowed = self._is_volume_creation_safe(protection_domain_name,
|
||||||
|
storage_pool_name,
|
||||||
|
provisioning)
|
||||||
|
if not allowed:
|
||||||
|
# Do not allow thick volume creation on this backend.
|
||||||
|
# Volumes may leak data between tenants.
|
||||||
|
LOG.error("Volume creation rejected due to "
|
||||||
|
"zero padding being disabled for pool, %s:%s. "
|
||||||
|
"This behaviour can be changed by setting "
|
||||||
|
"the configuration option "
|
||||||
|
"sio_allow_non_padded_thick_volumes = True.",
|
||||||
|
protection_domain_name,
|
||||||
|
storage_pool_name)
|
||||||
|
msg = _("Volume creation rejected due to "
|
||||||
|
"unsafe backend configuration.")
|
||||||
|
raise exception.VolumeBackendAPIException(data=msg)
|
||||||
|
|
||||||
# units.Mi = 1024 ** 2
|
# units.Mi = 1024 ** 2
|
||||||
volume_size_kb = volume.size * units.Mi
|
volume_size_kb = volume.size * units.Mi
|
||||||
params = {'protectionDomainId': domain_id,
|
params = {'protectionDomainId': domain_id,
|
||||||
|
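Review bot: In `_is_volume_creation_safe` (second hunk) the `sio_allow_non_padded_thick_volumes` branch returns `True` before the pool is queried, so with the option set a thick volume in a non-padded pool is created with no log record that the unsafe path was taken. I would test `provision_type == 'ThinProvisioned'` first and then, in the override branch, emit something like `LOG.warning("Thick volume permitted in pool %s:%s by sio_allow_non_padded_thick_volumes; zero padding not verified.", protection_domain, storage_pool)` before `return True`, so operators can audit when the override was relied on. The `except Exception` around `_get_storage_pool_properties` fails closed, which is the right default, but it drops the underlying error; a `LOG.exception(msg)` before raising `InvalidInput` would keep the cause. `if padded:` relies on truthiness, and if `zeroPaddingEnabled` can ever arrive as a string (the helper is not visible here) the value `'false'` would pass, so `if padded is True:` may be the safer comparison. `create_volume` starts in the second hunk and continues past the third, so only the call site is reviewed here.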
@ -17,8 +17,12 @@
|
|||||||
* - Configuration option = Default value
|
* - Configuration option = Default value
|
||||||
- Description
|
- Description
|
||||||
|
|
||||||
* - **[DEFAULT]**
|
* - ``sio_allow_non_padded_thick_volumes`` = ``False``
|
||||||
-
|
|
||||||
|
- (Boolean) Allow thick volumes to be created in Storage Pools
|
||||||
|
when zero padding is disabled. This option should
|
||||||
|
not be enabled if multiple tenants will utilize
|
||||||
|
thick volumes from a shared Storage Pool.
|
||||||
|
|
||||||
* - ``sio_max_over_subscription_ratio`` = ``10.0``
|
* - ``sio_max_over_subscription_ratio`` = ``10.0``
|
||||||
|
|
||||||
|
10
releasenotes/notes/scaleio-zeropadding-a0273c56c4d14fca.yaml
Normal file
10
releasenotes/notes/scaleio-zeropadding-a0273c56c4d14fca.yaml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
security:
|
||||||
|
- |
|
||||||
|
Removed the ability to create thick volumes in a ScaleIO Storage Pool
|
||||||
|
that has zero-padding disabled; creation of thin volumes from these
|
||||||
|
pools is allowed. A new configuration option has been added to
|
||||||
|
override this new behavior and allow thick volumes, but should not
|
||||||
|
be enabled if multiple tenants will utilize thick volumes from a shared
|
||||||
|
Storage Pool.
|