Disallow unmanaging encrypted volumes

Unmanaging encrypted volumes is problematic because unmanage assumes that you will be able to manage the volume again for later use, but, we have no mechanism currently to keep track of the encryption key which would be required for using an encrypted volume again. While this may work out ok when using the conf_key manager, this patch does not distinguish between conf_key and barbican deployments. * The Ocata backport skips the async error message for this event due to refactoring of the messages system, to minimize risk. Closes-Bug: #1731518 Change-Id: I7506fa36962404c80f1cc9c6370693728e5393a7 (cherry picked from commit de584713d9) Conflicts: cinder/volume/api.py (cherry picked from commit 30ca90ffcc) Conflicts: cinder/message/message_field.py cinder/tests/unit/api/contrib/test_volume_unmanage.py cinder/tests/unit/volume/test_volume.py
2017-11-28 14:13:21 -05:00 · 2017-11-28 14:13:21 -05:00 · dd727943d0
parent 23377ac9a8
commit dd727943d0
3 changed files with 18 additions and 0 deletions
--- a/cinder/tests/unit/api/contrib/test_volume_unmanage.py
+++ b/cinder/tests/unit/api/contrib/test_volume_unmanage.py
@ -94,3 +94,11 @@ class VolumeUnmanageTest(test.TestCase):
        self.assertEqual(400, res.status_int, res)
        db.volume_destroy(self.ctxt, vol.id)
        db.snapshot_destroy(self.ctxt, snap.id)
+
+    def test_unmanage_encrypted_volume_denied(self):
+        vol = utils.create_volume(
+            self.ctxt,
+            encryption_key_id='7a98391f-6619-46af-bd00-5862a3f7f1bd')
+        res = self._get_resp(vol.id)
+        self.assertEqual(400, res.status_int, res)
+        db.volume_destroy(self.ctxt, vol.id)
--- a/cinder/volume/api.py
+++ b/cinder/volume/api.py
@ -399,6 +399,11 @@ class API(base.Base):
        if not unmanage_only:
            volume.assert_not_frozen()

+        if unmanage_only and volume.encryption_key_id is not None:
+            msg = _("Unmanaging encrypted volumes is not supported.")
+            e = exception.Invalid(reason=msg)
+            raise e
+
        # Build required conditions for conditional update
        expected = {
            'attach_status': db.Not(fields.VolumeAttachStatus.ATTACHED),
--- a/cinder/volume/manager.py
+++ b/cinder/volume/manager.py
@ -721,6 +721,11 @@ class VolumeManager(manager.CleanableManager,
            raise exception.VolumeAttached(volume_id=volume.id)
        self._check_is_our_resource(volume)

+        if unmanage_only and volume.encryption_key_id is not None:
+            raise exception.Invalid(
+                reason=_("Unmanaging encrypted volumes is not "
+                         "supported."))
+
        if unmanage_only and cascade:
            # This could be done, but is ruled out for now just
            # for simplicity.