Add rbd secret_uuid in secondary config

- Update initialize_connection to return active backend connection data. - Add secret_uuid support in secondary config For example: replication_device = backend_id:secondary, conf:/etc/ceph/secondary.conf, user:SECONDARY_UDER, secret_uuid:SENDARY_SECRET_UUID Closes-Bug #1828974 Change-Id: I1692310ef8ddc8ace88c4209fa447722ee422aaf
2019-05-14 09:02:28 +00:00 · 2019-05-14 09:02:28 +00:00 · e0e912b084
commit e0e912b084
parent 254ed254cf
3 changed files with 52 additions and 21 deletions
--- a/cinder/tests/unit/volume/drivers/test_rbd.py
+++ b/cinder/tests/unit/volume/drivers/test_rbd.py
@ -268,7 +268,8 @@ class RBDTestCase(test.TestCase):
        cfg = [{'backend_id': 'secondary-backend'}]
        expected = [{'name': 'secondary-backend',
                     'conf': '/etc/ceph/secondary-backend.conf',
-                     'user': 'cinder'}]
+                     'user': 'cinder',
+                     'secret_uuid': self.cfg.rbd_secret_uuid}]
        self.driver._parse_replication_configs(cfg)
        self.assertEqual(expected, self.driver._replication_targets)

@ -280,10 +281,12 @@ class RBDTestCase(test.TestCase):
               {'backend_id': 'tertiary-backend'}]
        expected = [{'name': 'secondary-backend',
                     'conf': 'foo',
-                     'user': 'bar'},
+                     'user': 'bar',
+                     'secret_uuid': self.cfg.rbd_secret_uuid},
                    {'name': 'tertiary-backend',
                     'conf': '/etc/ceph/tertiary-backend.conf',
-                     'user': 'cinder'}]
+                     'user': 'cinder',
+                     'secret_uuid': self.cfg.rbd_secret_uuid}]
        self.driver._parse_replication_configs(cfg[:num_targets])
        self.assertEqual(expected[:num_targets],
                         self.driver._replication_targets)
@ -297,16 +300,19 @@ class RBDTestCase(test.TestCase):
            self.assertEqual([], self.driver._target_names)
            self.assertEqual({'name': self.cfg.rbd_cluster_name,
                              'conf': self.cfg.rbd_ceph_conf,
-                              'user': self.cfg.rbd_user},
+                              'user': self.cfg.rbd_user,
+                              'secret_uuid': self.cfg.rbd_secret_uuid},
                             self.driver._active_config)

    def test_do_setup_replication(self):
        cfg = [{'backend_id': 'secondary-backend',
                'conf': 'foo',
-                'user': 'bar'}]
+                'user': 'bar',
+                'secret_uuid': 'secondary_secret_uuid'}]
        expected = [{'name': 'secondary-backend',
                     'conf': 'foo',
-                     'user': 'bar'}]
+                     'user': 'bar',
+                     'secret_uuid': 'secondary_secret_uuid'}]

        with mock.patch.object(self.driver.configuration, 'safe_get',
                               return_value=cfg):
@ -315,16 +321,19 @@ class RBDTestCase(test.TestCase):
            self.assertEqual(expected, self.driver._replication_targets)
            self.assertEqual({'name': self.cfg.rbd_cluster_name,
                              'conf': self.cfg.rbd_ceph_conf,
-                              'user': self.cfg.rbd_user},
+                              'user': self.cfg.rbd_user,
+                              'secret_uuid': self.cfg.rbd_secret_uuid},
                             self.driver._active_config)

    def test_do_setup_replication_failed_over(self):
        cfg = [{'backend_id': 'secondary-backend',
                'conf': 'foo',
-                'user': 'bar'}]
+                'user': 'bar',
+                'secret_uuid': 'secondary_secret_uuid'}]
        expected = [{'name': 'secondary-backend',
                     'conf': 'foo',
-                     'user': 'bar'}]
+                     'user': 'bar',
+                     'secret_uuid': 'secondary_secret_uuid'}]
        self.driver._active_backend_id = 'secondary-backend'

        with mock.patch.object(self.driver.configuration, 'safe_get',
@ -1516,6 +1525,9 @@ class RBDTestCase(test.TestCase):
        keyring_data = "[client.cinder]\n  key = test\n"
        mock_keyring.return_value = keyring_data

+        self.driver._active_config = {'name': 'secondary_id',
+                                      'user': 'foo',
+                                      'conf': 'bar'}
        expected = {
            'driver_volume_type': 'rbd',
            'data': {
@ -1523,11 +1535,11 @@ class RBDTestCase(test.TestCase):
                                   self.volume_a.name),
                'hosts': hosts,
                'ports': ports,
-                'cluster_name': self.cfg.rbd_cluster_name,
+                'cluster_name': 'secondary_id',
                'auth_enabled': True,
-                'auth_username': self.cfg.rbd_user,
+                'auth_username': 'foo',
                'secret_type': 'ceph',
-                'secret_uuid': None,
+                'secret_uuid': self.cfg.rbd_secret_uuid,
                'volume_id': self.volume_a.id,
                'discard': True,
                'keyring': keyring_data,
@ -1540,6 +1552,13 @@ class RBDTestCase(test.TestCase):
        expected['data']['keyring'] = None
        self._initialize_connection_helper(expected, hosts, ports)

+        self.driver._active_config = {'name': 'secondary_id',
+                                      'user': 'foo',
+                                      'conf': 'bar',
+                                      'secret_uuid': 'secondary_secret_uuid'}
+        expected['data']['secret_uuid'] = 'secondary_secret_uuid'
+        self._initialize_connection_helper(expected, hosts, ports)
+
    def test__get_keyring_contents_no_config_file(self):
        self.cfg.rbd_keyring_conf = ''
        self.assertIsNone(self.driver._get_keyring_contents())
--- a/cinder/volume/drivers/rbd.py
+++ b/cinder/volume/drivers/rbd.py
@ -261,7 +261,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
            return {
                'name': self.configuration.rbd_cluster_name,
                'conf': self.configuration.rbd_ceph_conf,
-                'user': self.configuration.rbd_user
+                'user': self.configuration.rbd_user,
+                'secret_uuid': self.configuration.rbd_secret_uuid
            }
        raise exception.InvalidReplicationTarget(
            reason=_('RBD: Unknown failover target host %s.') % target_id)
@ -291,10 +292,13 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
                                          self.SYSCONFDIR + name + '.conf')
            user = replication_device.get(
                'user', self.configuration.rbd_user or 'cinder')
+            secret_uuid = replication_device.get(
+                'secret_uuid', self.configuration.rbd_secret_uuid)
            # Pool has to be the same in all clusters
            replication_target = {'name': name,
                                  'conf': utils.convert_str(conf),
-                                  'user': utils.convert_str(user)}
+                                  'user': utils.convert_str(user),
+                                  'secret_uuid': secret_uuid}
            LOG.info('Adding replication target: %s.', name)
            self._replication_targets.append(replication_target)
            self._target_names.append(name)
@ -302,7 +306,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
    def _get_config_tuple(self, remote=None):
        if not remote:
            remote = self._active_config
-        return (remote.get('name'), remote.get('conf'), remote.get('user'))
+        return (remote.get('name'), remote.get('conf'), remote.get('user'),
+                remote.get('secret_uuid', None))

    def _trash_purge(self):
        LOG.info("Purging trash for backend '%s'", self._backend_name)
@ -375,7 +380,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
    def _ceph_args(self):
        args = []

-        name, conf, user = self._get_config_tuple()
+        name, conf, user, secret_uuid = self._get_config_tuple()

        if user:
            args.extend(['--id', user])
@ -391,7 +396,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
                     self.configuration.rados_connection_interval,
                     self.configuration.rados_connection_retries)
        def _do_conn(pool, remote, timeout):
-            name, conf, user = self._get_config_tuple(remote)
+            name, conf, user, secret_uuid = self._get_config_tuple(remote)

            if pool is not None:
                pool = utils.convert_str(pool)
@ -1389,6 +1394,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,

    def initialize_connection(self, volume, connector):
        hosts, ports = self._get_mon_addrs()
+        name, conf, user, secret_uuid = self._get_config_tuple()
        data = {
            'driver_volume_type': 'rbd',
            'data': {
@ -1396,11 +1402,11 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
                                   volume.name),
                'hosts': hosts,
                'ports': ports,
-                'cluster_name': self.configuration.rbd_cluster_name,
-                'auth_enabled': (self.configuration.rbd_user is not None),
-                'auth_username': self.configuration.rbd_user,
+                'cluster_name': name,
+                'auth_enabled': (user is not None),
+                'auth_username': user,
                'secret_type': 'ceph',
-                'secret_uuid': self.configuration.rbd_secret_uuid,
+                'secret_uuid': secret_uuid,
                'volume_id': volume.id,
                "discard": True,
                'keyring': self._get_keyring_contents(),
--- a/releasenotes/notes/rbd_replication_add_secret_uuid_config-c74d65e6d3d610c6.yaml
+++ b/releasenotes/notes/rbd_replication_add_secret_uuid_config-c74d65e6d3d610c6.yaml
@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Rbd replication secondary device could set different user and keyring with primary cluster.
+    Secondary secret_uuid value is configed in libvirt secret, and libvirtd using secondary secret
+    reconnect to secondary cluster after Cinder failover host.