RemoteFS: prevent creation of encrypted volumes
Support for volume encryption of FS-based volumes is not currently implemented in Nova. Creating encrypted volumes with these drivers can result in dangerous and undesired behavior. Block creation of encrypted volumes for these drivers until this is supported. This adds a per-driver switch which can be used to enable this for individual RemoteFS drivers as they are tested. Closes-Bug: #1675469 Change-Id: I39d4230106c891e1b480989daaf72bea5a64e4b3
This commit is contained in:
parent
ce32522d3a
commit
e626f54f8b
|
@ -147,6 +147,7 @@ class RemoteFSDriver(driver.BaseVD):
|
||||||
self._mounted_shares = []
|
self._mounted_shares = []
|
||||||
self._execute_as_root = True
|
self._execute_as_root = True
|
||||||
self._is_voldb_empty_at_startup = kwargs.pop('is_vol_db_empty', None)
|
self._is_voldb_empty_at_startup = kwargs.pop('is_vol_db_empty', None)
|
||||||
|
self._supports_encryption = False
|
||||||
|
|
||||||
if self.configuration:
|
if self.configuration:
|
||||||
self.configuration.append_config_values(nas_opts)
|
self.configuration.append_config_values(nas_opts)
|
||||||
|
@ -234,6 +235,10 @@ class RemoteFSDriver(driver.BaseVD):
|
||||||
:returns: provider_location update dict for database
|
:returns: provider_location update dict for database
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
if volume.encryption_key_id and not self._supports_encryption:
|
||||||
|
message = _("Encryption is not yet supported.")
|
||||||
|
raise exception.VolumeDriverException(message=message)
|
||||||
|
|
||||||
LOG.debug('Creating volume %(vol)s', {'vol': volume.id})
|
LOG.debug('Creating volume %(vol)s', {'vol': volume.id})
|
||||||
self._ensure_shares_mounted()
|
self._ensure_shares_mounted()
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue