Add rbd secret_uuid in secondary config
- Update initialize_connection to return active backend connection data. - Add secret_uuid support in secondary config For example: replication_device = backend_id:secondary, conf:/etc/ceph/secondary.conf, user:SECONDARY_UDER, secret_uuid:SENDARY_SECRET_UUID Closes-Bug #1828974 Change-Id: I1692310ef8ddc8ace88c4209fa447722ee422aaf
This commit is contained in:
parent
254ed254cf
commit
e0e912b084
@ -268,7 +268,8 @@ class RBDTestCase(test.TestCase):
|
||||
cfg = [{'backend_id': 'secondary-backend'}]
|
||||
expected = [{'name': 'secondary-backend',
|
||||
'conf': '/etc/ceph/secondary-backend.conf',
|
||||
'user': 'cinder'}]
|
||||
'user': 'cinder',
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid}]
|
||||
self.driver._parse_replication_configs(cfg)
|
||||
self.assertEqual(expected, self.driver._replication_targets)
|
||||
|
||||
@ -280,10 +281,12 @@ class RBDTestCase(test.TestCase):
|
||||
{'backend_id': 'tertiary-backend'}]
|
||||
expected = [{'name': 'secondary-backend',
|
||||
'conf': 'foo',
|
||||
'user': 'bar'},
|
||||
'user': 'bar',
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||
{'name': 'tertiary-backend',
|
||||
'conf': '/etc/ceph/tertiary-backend.conf',
|
||||
'user': 'cinder'}]
|
||||
'user': 'cinder',
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid}]
|
||||
self.driver._parse_replication_configs(cfg[:num_targets])
|
||||
self.assertEqual(expected[:num_targets],
|
||||
self.driver._replication_targets)
|
||||
@ -297,16 +300,19 @@ class RBDTestCase(test.TestCase):
|
||||
self.assertEqual([], self.driver._target_names)
|
||||
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
||||
'conf': self.cfg.rbd_ceph_conf,
|
||||
'user': self.cfg.rbd_user},
|
||||
'user': self.cfg.rbd_user,
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||
self.driver._active_config)
|
||||
|
||||
def test_do_setup_replication(self):
|
||||
cfg = [{'backend_id': 'secondary-backend',
|
||||
'conf': 'foo',
|
||||
'user': 'bar'}]
|
||||
'user': 'bar',
|
||||
'secret_uuid': 'secondary_secret_uuid'}]
|
||||
expected = [{'name': 'secondary-backend',
|
||||
'conf': 'foo',
|
||||
'user': 'bar'}]
|
||||
'user': 'bar',
|
||||
'secret_uuid': 'secondary_secret_uuid'}]
|
||||
|
||||
with mock.patch.object(self.driver.configuration, 'safe_get',
|
||||
return_value=cfg):
|
||||
@ -315,16 +321,19 @@ class RBDTestCase(test.TestCase):
|
||||
self.assertEqual(expected, self.driver._replication_targets)
|
||||
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
||||
'conf': self.cfg.rbd_ceph_conf,
|
||||
'user': self.cfg.rbd_user},
|
||||
'user': self.cfg.rbd_user,
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||
self.driver._active_config)
|
||||
|
||||
def test_do_setup_replication_failed_over(self):
|
||||
cfg = [{'backend_id': 'secondary-backend',
|
||||
'conf': 'foo',
|
||||
'user': 'bar'}]
|
||||
'user': 'bar',
|
||||
'secret_uuid': 'secondary_secret_uuid'}]
|
||||
expected = [{'name': 'secondary-backend',
|
||||
'conf': 'foo',
|
||||
'user': 'bar'}]
|
||||
'user': 'bar',
|
||||
'secret_uuid': 'secondary_secret_uuid'}]
|
||||
self.driver._active_backend_id = 'secondary-backend'
|
||||
|
||||
with mock.patch.object(self.driver.configuration, 'safe_get',
|
||||
@ -1516,6 +1525,9 @@ class RBDTestCase(test.TestCase):
|
||||
keyring_data = "[client.cinder]\n key = test\n"
|
||||
mock_keyring.return_value = keyring_data
|
||||
|
||||
self.driver._active_config = {'name': 'secondary_id',
|
||||
'user': 'foo',
|
||||
'conf': 'bar'}
|
||||
expected = {
|
||||
'driver_volume_type': 'rbd',
|
||||
'data': {
|
||||
@ -1523,11 +1535,11 @@ class RBDTestCase(test.TestCase):
|
||||
self.volume_a.name),
|
||||
'hosts': hosts,
|
||||
'ports': ports,
|
||||
'cluster_name': self.cfg.rbd_cluster_name,
|
||||
'cluster_name': 'secondary_id',
|
||||
'auth_enabled': True,
|
||||
'auth_username': self.cfg.rbd_user,
|
||||
'auth_username': 'foo',
|
||||
'secret_type': 'ceph',
|
||||
'secret_uuid': None,
|
||||
'secret_uuid': self.cfg.rbd_secret_uuid,
|
||||
'volume_id': self.volume_a.id,
|
||||
'discard': True,
|
||||
'keyring': keyring_data,
|
||||
@ -1540,6 +1552,13 @@ class RBDTestCase(test.TestCase):
|
||||
expected['data']['keyring'] = None
|
||||
self._initialize_connection_helper(expected, hosts, ports)
|
||||
|
||||
self.driver._active_config = {'name': 'secondary_id',
|
||||
'user': 'foo',
|
||||
'conf': 'bar',
|
||||
'secret_uuid': 'secondary_secret_uuid'}
|
||||
expected['data']['secret_uuid'] = 'secondary_secret_uuid'
|
||||
self._initialize_connection_helper(expected, hosts, ports)
|
||||
|
||||
def test__get_keyring_contents_no_config_file(self):
|
||||
self.cfg.rbd_keyring_conf = ''
|
||||
self.assertIsNone(self.driver._get_keyring_contents())
|
||||
|
@ -261,7 +261,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
return {
|
||||
'name': self.configuration.rbd_cluster_name,
|
||||
'conf': self.configuration.rbd_ceph_conf,
|
||||
'user': self.configuration.rbd_user
|
||||
'user': self.configuration.rbd_user,
|
||||
'secret_uuid': self.configuration.rbd_secret_uuid
|
||||
}
|
||||
raise exception.InvalidReplicationTarget(
|
||||
reason=_('RBD: Unknown failover target host %s.') % target_id)
|
||||
@ -291,10 +292,13 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
self.SYSCONFDIR + name + '.conf')
|
||||
user = replication_device.get(
|
||||
'user', self.configuration.rbd_user or 'cinder')
|
||||
secret_uuid = replication_device.get(
|
||||
'secret_uuid', self.configuration.rbd_secret_uuid)
|
||||
# Pool has to be the same in all clusters
|
||||
replication_target = {'name': name,
|
||||
'conf': utils.convert_str(conf),
|
||||
'user': utils.convert_str(user)}
|
||||
'user': utils.convert_str(user),
|
||||
'secret_uuid': secret_uuid}
|
||||
LOG.info('Adding replication target: %s.', name)
|
||||
self._replication_targets.append(replication_target)
|
||||
self._target_names.append(name)
|
||||
@ -302,7 +306,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
def _get_config_tuple(self, remote=None):
|
||||
if not remote:
|
||||
remote = self._active_config
|
||||
return (remote.get('name'), remote.get('conf'), remote.get('user'))
|
||||
return (remote.get('name'), remote.get('conf'), remote.get('user'),
|
||||
remote.get('secret_uuid', None))
|
||||
|
||||
def _trash_purge(self):
|
||||
LOG.info("Purging trash for backend '%s'", self._backend_name)
|
||||
@ -375,7 +380,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
def _ceph_args(self):
|
||||
args = []
|
||||
|
||||
name, conf, user = self._get_config_tuple()
|
||||
name, conf, user, secret_uuid = self._get_config_tuple()
|
||||
|
||||
if user:
|
||||
args.extend(['--id', user])
|
||||
@ -391,7 +396,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
self.configuration.rados_connection_interval,
|
||||
self.configuration.rados_connection_retries)
|
||||
def _do_conn(pool, remote, timeout):
|
||||
name, conf, user = self._get_config_tuple(remote)
|
||||
name, conf, user, secret_uuid = self._get_config_tuple(remote)
|
||||
|
||||
if pool is not None:
|
||||
pool = utils.convert_str(pool)
|
||||
@ -1389,6 +1394,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
|
||||
def initialize_connection(self, volume, connector):
|
||||
hosts, ports = self._get_mon_addrs()
|
||||
name, conf, user, secret_uuid = self._get_config_tuple()
|
||||
data = {
|
||||
'driver_volume_type': 'rbd',
|
||||
'data': {
|
||||
@ -1396,11 +1402,11 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
||||
volume.name),
|
||||
'hosts': hosts,
|
||||
'ports': ports,
|
||||
'cluster_name': self.configuration.rbd_cluster_name,
|
||||
'auth_enabled': (self.configuration.rbd_user is not None),
|
||||
'auth_username': self.configuration.rbd_user,
|
||||
'cluster_name': name,
|
||||
'auth_enabled': (user is not None),
|
||||
'auth_username': user,
|
||||
'secret_type': 'ceph',
|
||||
'secret_uuid': self.configuration.rbd_secret_uuid,
|
||||
'secret_uuid': secret_uuid,
|
||||
'volume_id': volume.id,
|
||||
"discard": True,
|
||||
'keyring': self._get_keyring_contents(),
|
||||
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
fixes:
|
||||
- |
|
||||
Rbd replication secondary device could set different user and keyring with primary cluster.
|
||||
Secondary secret_uuid value is configed in libvirt secret, and libvirtd using secondary secret
|
||||
reconnect to secondary cluster after Cinder failover host.
|
Loading…
x
Reference in New Issue
Block a user