RBD: prevent creation of encrypted volumes
At the moment RBD volume encryption is not supported. Libvirt needs support for non-block encryption and nova will need a few changes as well. Efforts are underway to resolve this, but in the mean time it's very confusing to users when we allow them to create encrypted volumes using volume types as stated in the documentation. Encryption of the volume will eventually fail, but allowing this creation creates an unreasonable expectation. This patch prevents encrypted volume creation for RBD until support has landed. At that time, this patch should be reverted. Change-Id: I0f071a4aea2d6454b71d83055e87d87b9efcc014
This commit is contained in:
parent
14899a9a8e
commit
4bf72b0aec
|
@ -207,6 +207,14 @@ class RBDTestCase(test.TestCase):
|
|||
client.__enter__.assert_called_once_with()
|
||||
client.__exit__.assert_called_once_with(None, None, None)
|
||||
|
||||
@common_mocks
|
||||
def test_create_encrypted_volume(self):
|
||||
self.volume_a.encryption_key_id = \
|
||||
'00000000-0000-0000-0000-000000000000'
|
||||
self.assertRaises(exception.VolumeDriverException,
|
||||
self.driver.create_volume,
|
||||
self.volume_a)
|
||||
|
||||
@common_mocks
|
||||
def test_manage_existing_get_size(self):
|
||||
with mock.patch.object(self.driver.rbd.Image(), 'size') as \
|
||||
|
|
|
@ -541,6 +541,11 @@ class RBDDriver(driver.TransferVD, driver.ExtendVD,
|
|||
|
||||
def create_volume(self, volume):
|
||||
"""Creates a logical volume."""
|
||||
|
||||
if volume.encryption_key_id:
|
||||
message = _("Encryption is not yet supported.")
|
||||
raise exception.VolumeDriverException(message=message)
|
||||
|
||||
size = int(volume.size) * units.Gi
|
||||
|
||||
LOG.debug("creating volume '%s'", volume.name)
|
||||
|
|
Loading…
Reference in New Issue