Browse Source

Remove VxFlex OS credentials from connection_properties

VxFlex OS password is not stored in block_device_mapping table. Instead of this
passwords are stored in separate file and are retrieved during each attach/detach
operation.

Closes-Bug: #1823200
Change-Id: Ie9c41f37ab5c186b9f9aa92539a363d0b2388035
tags/15.2.0^0
Ivan Pchelintsev 1 month ago
committed by Brian Rosmaita
parent
commit
aadf0950c9
5 changed files with 76 additions and 8 deletions
  1. +3
    -3
      cinder/volume/drivers/dell_emc/vxflexos/driver.py
  2. +46
    -3
      doc/source/configuration/block-storage/drivers/dell-emc-vxflex-driver.rst
  3. +1
    -1
      lower-constraints.txt
  4. +25
    -0
      releasenotes/notes/bug-1823200-train-58d84b7a0530594f.yaml
  5. +1
    -1
      requirements.txt

+ 3
- 3
cinder/volume/drivers/dell_emc/vxflexos/driver.py View File

@@ -89,9 +89,10 @@ class VxFlexOSDriver(driver.VolumeDriver):
2.0.4 - Added compatibility with os_brick>1.15.3
2.0.5 - Change driver name, rename config file options
3.0.0 - Add support for VxFlex OS 3.0.x and for volumes compression
3.0.0.1 - Fix for Bug #1823200. See OSSN-0086 for details.
"""

VERSION = "3.0.0"
VERSION = "3.0.0.1"
# ThirdPartySystems wiki
CI_WIKI_NAME = "DELL_EMC_ScaleIO_CI"

@@ -159,8 +160,7 @@ class VxFlexOSDriver(driver.VolumeDriver):
'serverIP': self.server_ip,
'serverPort': self.server_port,
'serverUsername': self.server_username,
'serverPassword': self.server_password,
'serverToken': self.server_token,
'config_group': self.configuration.config_group,
'iopsLimit': None,
'bandwidthLimit': None,
}


+ 46
- 3
doc/source/configuration/block-storage/drivers/dell-emc-vxflex-driver.rst View File

@@ -212,6 +212,33 @@ parameters as follows:
san_password = SIO_PASSWD
san_thin_provision = false

Connector configuration
~~~~~~~~~~~~~~~~~~~~~~~

Before using attach/detach volume operations VxFlex OS connector must be
properly configured. On each node where VxFlex OS SDC is installed do the
following:

#. Create ``/opt/emc/scaleio/openstack/connector.conf`` if it does not
exist.

.. code-block:: console

$ mkdir -p /opt/emc/scaleio/openstack
$ touch /opt/emc/scaleio/openstack/connector.conf

#. For each VxFlex OS section in the ``cinder.conf`` create the same section in
the ``/opt/emc/scaleio/openstack/connector.conf`` and populate it with
passwords. Example:

.. code-block:: ini

[vxflexos]
san_password = SIO_PASSWD

[vxflexos-new]
san_password = SIO2_PASSWD

.. _cg_configuration_options_emc:

Configuration options
@@ -343,6 +370,22 @@ limit volumes allocation only to data pools which supports compression.
Using VxFlex OS Storage with a containerized overcloud
------------------------------------------------------

When using a containerized overcloud, such as one deployed via TripleO or
Red Hat OpenStack version 13 and above, install the Storage Data Client
(SDC) on all nodes after deploying the overcloud.
#. Create a file with below contents:

.. code-block:: yaml

parameter_defaults:
NovaComputeOptVolumes:
- /opt/emc/scaleio:/opt/emc/scaleio
CinderVolumeOptVolumes:
- /opt/emc/scaleio:/opt/emc/scaleio
GlanceApiOptVolumes:
- /opt/emc/scaleio:/opt/emc/scaleio


Name it whatever you like, e.g. ``vxflexos_volumes.yml``.

#. Use ``-e`` to include this customization file to deploy command.

#. Install the Storage Data Client (SDC) on all nodes after deploying
the overcloud.

+ 1
- 1
lower-constraints.txt View File

@@ -65,7 +65,7 @@ networkx==1.11
oauth2client==1.5.0
openstackdocstheme==1.20.0
os-api-ref==1.4.0
os-brick==2.2.0
os-brick==2.10.3
os-client-config==1.29.0
os-win==3.0.0
oslo.cache==1.29.0


+ 25
- 0
releasenotes/notes/bug-1823200-train-58d84b7a0530594f.yaml View File

@@ -0,0 +1,25 @@
---
upgrade:
- |
The fix for `Bug #1823200
<https://bugs.launchpad.net/cinder/+bug/1823200>`_ requires
``os-brick`` >= 2.10.3 but < 2.11.0.
security:
- |
Dell EMC VxFlex OS driver: This release contains a fix for
`Bug #1823200 <https://bugs.launchpad.net/cinder/+bug/1823200>`_.
See `OSSN-0086 <https://wiki.openstack.org/wiki/OSSN/OSSN-0086>`_
for details.
fixes:
- |
`Bug #1823200 <https://bugs.launchpad.net/cinder/+bug/1823200>`_:
This release contains an updated Dell EMC VxFlex OS driver. It must
be used with ``os-brick`` >= 2.10.3 but < 2.11.0.
and requires that a new configuration file be deployed on compute
nodes, cinder nodes, and anywhere you would perform a volume attachment
in your deployment.
See the `Dell EMC VxFlex OS (ScaleIO) Storage driver
<https://docs.openstack.org/cinder/train/configuration/block-storage/drivers/dell-emc-vxflex-driver.html>`_
documentation for details about the configuration file, and see
`OSSN-0086 <https://wiki.openstack.org/wiki/OSSN/OSSN-0086>`_ for
more information about the security vulnerability.

+ 1
- 1
requirements.txt View File

@@ -58,7 +58,7 @@ suds-jurko>=0.6 # LGPLv3+
WebOb>=1.7.1 # MIT
oslo.i18n>=3.15.3 # Apache-2.0
oslo.vmware>=2.17.0 # Apache-2.0
os-brick>=2.2.0 # Apache-2.0
os-brick>=2.10.3 # Apache-2.0
os-win>=3.0.0 # Apache-2.0
tooz>=1.58.0 # Apache-2.0
google-api-python-client>=1.4.2 # Apache-2.0


Loading…
Cancel
Save