RBD: Open RBD images read-only where possible

In cases where we don't need to modify the image, open rbd images in read-only mode. Closes-Bug: #1947518 Change-Id: I8287460b902dd525aa5313861142f5fb8490e60a
2021-03-29 08:32:58 -04:00 · 2021-03-29 08:32:58 -04:00 · e644e3584b
commit e644e3584b
parent aafaba0e95
2 changed files with 19 additions and 5 deletions
--- a/cinder/volume/drivers/rbd.py
+++ b/cinder/volume/drivers/rbd.py
@ -302,7 +302,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
    def _show_msg_check_clone_v2_api(self, volume_name):
        if not self._clone_v2_api_checked:
            self._clone_v2_api_checked = True
-            with RBDVolumeProxy(self, volume_name) as volume:
+            with RBDVolumeProxy(self, volume_name, read_only=True) as volume:
                try:
                    if (volume.volume.op_features() &
                            self.rbd.RBD_OPERATION_FEATURE_CLONE_PARENT):
@ -669,7 +669,9 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
    def _get_clone_depth(self, client, volume_name, depth=0):
        """Returns the number of ancestral clones of the given volume."""
-        parent_volume = self.rbd.Image(client.ioctx, volume_name)
+        parent_volume = self.rbd.Image(client.ioctx,
                                       volume_name,
                                       read_only=True)
        try:
            _pool, parent, _snap = self._get_clone_info(parent_volume,
                                                        volume_name)
@ -1013,7 +1015,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
        default_stripe_unit = \
            self.configuration.rbd_store_chunk_size * units.Mi
-        image = self.rbd.Image(ioctx, volume_name)
+        image = self.rbd.Image(ioctx, volume_name, read_only=True)
        try:
            image_stripe_unit = image.stripe_unit()
        finally:
@ -1769,7 +1771,9 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
        with RADOSClient(self) as client:
            # Raise an exception if we didn't find a suitable rbd image.
            try:
-                rbd_image = self.rbd.Image(client.ioctx, rbd_name)
+                rbd_image = self.rbd.Image(client.ioctx,
                                           rbd_name,
                                           read_only=True)
            except self.rbd.ImageNotFound:
                kwargs = {'existing_ref': rbd_name,
                          'reason': 'Specified rbd image does not exist.'}
@ -1996,7 +2000,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
            # Raise an exception if we didn't find a suitable rbd image.
            try:
                rbd_snapshot = self.rbd.Image(client.ioctx, volume_name,
-                                              snapshot=snapshot_name)
+                                              snapshot=snapshot_name,
                                              read_only=True)
            except self.rbd.ImageNotFound:
                kwargs = {'existing_ref': snapshot_name,
                          'reason': 'Specified snapshot does not exist.'}
--- a/releasenotes/notes/bug-1947518-rbd-open-readonly-ba523c4b0ddbba76.yaml
+++ b/releasenotes/notes/bug-1947518-rbd-open-readonly-ba523c4b0ddbba76.yaml
@ -0,0 +1,9 @@
 ---
 fixes:
  - |
    RBD driver `bug #1947518
    <https://bugs.launchpad.net/cinder/+bug/1947518>`_:
    Corrected a regression caused by the fix for `Bug #1931004
    <https://bugs.launchpad.net/cinder/+bug/1931004>`_ that was attempting
    to access the glance images RBD pool with write privileges when creating
    a volume from an image.