bec756e040
As described in the launchpad bug [1], backup operations must take care to ensure encryption key ID resources aren't lost, and that restored volumes always have a unique encryption key ID. [1] https://bugs.launchpad.net/cinder/+bug/1745180 This patch adds an 'encryption_key_id' column to the backups table. Now, when a backup is created and the source volume's encryption key is cloned, the cloned key ID is stored in the table. This makes it possible to delete the cloned key ID when the backup is deleted. The code that clones the volume's encryption key has been relocated from the common backup driver layer to the backup manager. The backup manager now has full responsibility for managing encryption key IDs. When restoring a backup of an encrypted volume, the backup manager now does this: 1) If the restored volume's encryption key ID has changed, delete the key ID it had prior to the restore operation. This ensures no key IDs are leaked. 2) If the 'encryption_key_id' field in the backup table is empty, glean the backup's cloned key ID from the backup's "volume base metadata." This helps populate the 'encryption_key_id' column for backup table entries created prior to when the column existed. 3) Re-clone the backup's key ID to ensure the restored volume's key ID is always unique. Closes-Bug: #1745180 Change-Id: I6cadcbf839d146b2fd57d7019f73dce303f9e10b
Team and repository tags
CINDER
You have come across a storage service for an open cloud computing service. It has identified itself as Cinder. It was abstracted from the Nova project.
- Wiki: https://wiki.openstack.org/Cinder
- Developer docs: https://docs.openstack.org/cinder/latest/
Getting Started
If you'd like to run from the master branch, you can clone the git repo:
For developer information please see HACKING.rst
You can raise bugs here https://bugs.launchpad.net/cinder
Python client
https://git.openstack.org/cgit/openstack/python-cinderclient