This uses the method _get_service_instance_name to generate the name
of the share service instance, instead of using directly the share
service id.
Note that it changes the default value of the
service_instance_name_template option to match the current default and
keep backwards compatibility.
Closes-Bug: #1945463
Change-Id: I3ee10f53315a37b47bd66eba082502b4209f4d95
Signed-off-by: David Caro <me@dcaro.es>
Changes CephFS driver to do not try to escape export ip in case it
is a hostname. The CephFS driver might use the hostname as an
export ip in case no ``cephfs_ganesha_server_ip`` is configured.
If that happens, we should not be allowing ip validations to occur
uppon a hostname, because it differs from an IPv4 or IPv6 and that
isn't necessarily an issue.
Change-Id: I1bd57eec3474768596cfab1bf2f8eb6123cc95a8
Currently, scheduler filters are stored as metadata and can be
manipulated by end users as all metadata can. In a future release, these
filters will be restricted so that only admins can manipulate this data,
as partially implemented in [1].
[1] https://review.opendev.org/c/openstack/manila/+/806647
Change-Id: I7a9fec49850e2b2369bb7b798347a03f30aee1ae
Add file to the reno documentation build to show release notes for
stable/xena.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.
Sem-Ver: feature
Change-Id: I4e4ea6fdedfd36bb2668d5280df6ce3dce5d587f
1: As admin user, query share network list with specified
"security_service_id" and "project_id" search opts, will
get wrong result.
2: put "created_since", "created_before" search opts into database to
Increase query speed
Closes-Bug: #1923008
Change-Id: I49e412cb6c98fcda67531ff915b3b4c3edc64476
The NetApp driver has been working with FlexVol ONTAP volumes.
The driver does not support scaling FlexVol volumes higher than
100 TiB, which was a theoretical limit for the large namespace that
these containers were meant to handle. ONTAP's Flexgroup volumes
eliminate such limitations. So, added the support for provisioning
share as FlexGroup in the NetApp driver.
The FlexGroup provision is enabled by new option
`netapp_enable_flexgroup`, which will make the driver report a single
pool represeting all aggregates. The selection on which aggregates the
FlexGroup share will reside is up to ONTAP. If the administrator desires
to control that selection through Manila scheduler, it must inform the set
of aggregates that formss FlexGroup pool in the new option
`netapp_flexgroup_pool`.
Each NetApp pool will report now the capability: `netapp_flexgroup`
informing which type the pool is.
The following operations are allowed with FlexGroup shares (DHSS
True/False and NFS/CIFS):
- Create/Delete share;
- Shrink/Extend share;
- Create/Delete snapshot;
- Revert to snapshot;
- Manage/Unmanage snapshots;
- Create from snapshot;
- Replication[1]
- Manage/Unmanage shares;
The backend with one FlexGroup pool configured will drop the consistent
snapshot support for all pools.
The driver FlexGroup support requires ONTAP version 9.8 or greater.
[1] FlexGroup is limited to one single replica for ONTAP version
lower than 9.9.1.
DocImpact
Depends-On: If525e97a5d456d6ddebb4bf9bc8ff6190c95a555
Depends-On: I646f782c3e2be5ac799254f08a248a22cb9e0358
Implements: bp netapp-flexgroup-support
Change-Id: I4f68a9bb33be85f9a22e0be4ccf673647e713459
Signed-off-by: Felipe Rodrigues <felipefuty01@gmail.com>
A series of enhancements can be performed in the share server
migration operation, and share backends might support
nondisruptive share server migrations, which was not covered
in the previous approach.
- Skip the destination share server network allocation if the
driver is capable of reusing the source share server allocation.
Manila will switch the allocations in the migration complete phase.
- Allow share backends to reuse the share servers in case they
are able to do so in a share server migration scenario.
- Nondisruptive migration is now feasible depending on whether the
share driver supports it and if the share network parameters have
not changed.
- Share servers will be always deleted whe the share server
migration complete operation is finished.
Depends-On: I43bd3fdafea02eb8e853114a57bfb863a441f3ed
Co-Authored-By: Fabio Oliveira <fabioaurelio1269@gmail.com>
Change-Id: I48bafd92fe7a4d4ae0bafd5bf1961dace56b6005
Implements share server migration using a proper mechanism
provided by ONTAP. In case the driver identifies that the ONTAP
version matches the version where this mechanism is available,
ONTAP will automatically chose to use this instead of SVM DR.
- Implemented new methods for migrating a share server using a
new mechanism provided by ONTAP, when both source and destination
clusters have versions >= 9.10. This new migration mechanism
supports nondisruptive migrations in case there aren't network
changes in the migration.
- The NetApp now does not need to create an actual share server in
the backend prior to the migration, in case SVM Migrate is being
used.
- The NetApp ONTAP driver can now reuse network allocations from
the source share server in case a share network change wasn't
identified.
Change-Id: Idf1581d933d11280287f6801fd4aa886a627f66f
Depends-On: I48bafd92fe7a4d4ae0bafd5bf1961dace56b6005
This patch implements hard affinity and anti-affinity filter for
manila scheduler. Users can specify affinity/anti-affinity share
ids to the field "share.scheduler_hints.same_host" or
"share.scheduler_hints.different_host" in the request payload
when creating a manila share. The scheduler_hints are stored as
share metadata. The filter properties are populated from this
metadata during share migration and so filters will be applied
for share migration as well.
Both fields can be a single share UUID or multiple uuids
separated by comma. For example,
`{
"share": {
"scheduler_hints": {
"same_host": "share_uuid_1,share_uuid_2",
"different_host": "share_uuid_3"
}
}
}`
Implements: bp/affinity-antiaffinity-filter
Change-Id: Ic42d8a0c1d22e77ae64e0ca014607b28fd336467
Co-authored-by: Maurice Escher <maurice.escher@sap.com>
Implement the `readable` replication type for the NetApp driver.
The driver will keep having support for the `dr` type as well, being
the driver replication type a list containing them.
The replicas for readable style are mounted, created the export and
applied the QoS. When promoting, the original active replica does
not need to be unmounted. The user just loses the write access.
The update access interface is now applying rules for non active
replicas that are readable.
Implements: bp netapp-readable-replica
Change-Id: Icc74eaecc75c3064715f91bebb994e93c0053663
Signed-off-by: Felipe Rodrigues <felipefuty01@gmail.com>
In the ONTAP 9.8 and older, there is a bug in the zapi call
`snapmirror-release-iter` when using the scoped account
configuration. The operation is returning success, but the release
is not occurring.
To avoid this issue, the Netapp driver was changed to release with
the `snapmirror-release` zapi call, instead of the one that has a
bug. This new zapi call requires the field `relationship-id` to be
specified and it is being retrieved from ONTAP before calling it.
A small fix, not related to the bug, was made in the zapi call to
`snapmirror-release-iter` because the `relationship-info-only`
field was in the wrong place according to the documentation.
Closes-Bug: #1934889
Change-Id: I21633d4ffe14983365b0b6239216ed5d0bbfaace
This config option allows different value for reservation percentage,
mostly useful on the platforms, where shares can only be created from
the snapshot on the host where snapshot was taken. The lower value of
this config option against existing (reserved_share_percentage) allows
to create shares from the snapshot on the same host up to a higher
threshold even though non-snapshot/regular share create fails.
In case this config option is not set, the shares created from snapshot
will use reservation percentage value set in 'reserved_share_percentage'.
This will be useful for users who want to keep same reservation percentage
for both non-snapshot/regular and snapshot shares.
DocImpact
Closes-Bug: #1938060
Change-Id: I390da933fe92875e3c7ee40709eacacc030278dc
Add an force parameter to the API layer that lets the user choose
whether to go through the scheduler or not, which is boolean.and
default is False,set True means extend share directly, set False
means extend share will go through scheduler.
Add an new min_version 2.64 to extend share api. force parameter
only support min_version >= 2.64.
Closes-Bug:#1855391
Change-Id: I6da36a687a37c78a7fb7d3f252318d03d4a05133
Dell manila drivers use string as value for 'cifs' in
dhss_mandatory_security_service_association.
This fix changes it to a list.
Change-Id: I0c64e574301baf2a41a475af3b3848cbec8d495f
Closes-Bug: #1940072
Set share instance replica_state to 'active' after successful migration
if the share is involved in a replication setup.
Change-Id: I6cf8a08379b2f2b0fd1bcada4cd20c39adc01f47
Closes-Bug: #1927060
To create a share with protocol CIFS it is mandatory to add a security
service to the share network beforehand. If this is forgotten the share
ends up in error. Validate the security service association based on
share protocol from given driver. Raise invalid request exception if
needed association between share_network and security_service is
missing for given driver e.g. ONTAP.
DocImpact
Closes-Bug: #1900752
Change-Id: Ib7e9850e6439ee5d04f826d129afb1ab06950ce7
Currently we register all parameters about the quota feature to
[DEFAULT] section. However it is difficult for operators to identity
that some of these parameters like reservation_expire are used in the
quota feature, based of names and descriptions of the parameters.
This change migrates all quota options to the new [quota] section,
so that operators can easily understand which parameters are used
in the quota feature.
Closes-Bug: #1934025
Change-Id: I83b5750da7083718d39efb56262a49dae0a05f48
share snap list, Fuzzy query by name or description is supported, but
the current implementation is first get all the shares, then In the API
layer, the for loop is used to achieve fuzzy matching, if the num of
shares is big,
It will seriously affect the speed of fuzzy matching.Therefore, we
should let the database do the matching to speed up the query.
Moving the pagination params (limit, offset, sorting) to the database
layer for snapshot list, to optimize query speed.
Closes-Bug:#1881865
Partial-Bug:#1831094
Change-Id: I283e78c9e7c2dd626d94cf6c1b01d4e2f9ae8097
Deprecate the create snapshot from share group feature
in CephFS drivers (both Native and NFS Ganesha).
This needs to be done since the subvolume group snapshot
feature is no longer supported in mainline CephFS, meaning that,
if we leave the call in place, an exception will be raised
from the backend and lead to an error status for the attempted
snapshot from share group.
Existing group snapshots can still be listed and deleted, so these
operations stay the same.
Closes-Bug: #1925332
Change-Id: I49efb7042d38257416875f40c03923e974b2eb8e
Attempting to create a share without identifying a share type results in an
error.This adds a user message informing the user that no default share type
was identified while attempting to create a share.
Closes-Bug: #1870280
Change-Id: Ib417499d4394b939eb289460ac8dbb6b22d789f4
In python3.8.11 and python3.9.6, the behavior of the
ipaddress.ip_network.hosts() method changed. Now /32
addresses are returned by that method as a single
element list. This was apparently done as a bugfix [1]
Change-Id: Iab6d96351fa21131d834ccf07ffddd70555f25a7
Closes-Bug: #1934345
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
[1] https://bugs.python.org/issue27683
CephFS drivers in OpenStack Manila are directing
mgr commands to the mgr by specifying mon-mgr as
the target [0]. This target (mon-mgr) was added
to Ceph in Octopus [1].
We would need a version check in order to set the
correct target while we wait on the backport on Ceph
to land [2].
[0] 3ea5d50a23
[1] 4000d500c0
[2] https://tracker.ceph.com/issues/51039
Closes-Bug: #1930459
Change-Id: I1a1079df8e104c5ddba29cb614eb4e02a304082e
Authorization errors when connecting
to nova/glance/neutron/cinder can be raised as
BadConfigurationExceptions in the logs. We shouldn't
be raising exceptions derived from the service client
libraries.
Change-Id: I2d47dbb1251dfa8d529f813724fb7fd97d7d3a0b
Closes-Bug: #1921927
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
This change fixes the query being used to filter share
types. We were using an "or" clause instead of an "and" clause,
and that was causing all the extra specs to be shown instead of
the ones that the user specified. With this fix, manila users will
be able to filter shares by share type extra_specs accurately.
Closes-Bug: #1929121
Change-Id: I5cf9788dcafebdf88426617d2824f4be42dbb412
This change adds a new hook to Manager class called init_host_with_rpc()
to allow services like scheduler to do something once RPC is ready.
Copied from cinder 65fa80c361
and 60c563f72d
Change-Id: Iac6507a6e395c55f0fec453650009f08c2bb6563
Closes-Bug: #1271568
when the source share has ``snapshot_support`` False.
The message said that the back end lacks snapshot support but this
is not necessarily the case.
Closes-bug: #1925342
Change-Id: I09a83b63528c0988f3601dfd07ad6972165cb855
1、After performing a snapshot clone of the glusterfs vol,
the status of the vol is'Created', and the parameter
"gluster volume set nfs.rpc-auth-reject'*'" is required for
the vol in the'Started' state.
2、The cloned volume needs to activate the snapshot,
if the snapshot is already activated, you need to skip the activation step
Closes-Bug: #1922075
Change-Id: I304bf59b3f8c0d5b847078a5752bac8ac4f21690
Remove manila configuration options
and auth classes that were deprecated
before the Ussuri release.
Change-Id: I148225926cd249a0dd8d1f8c02b22ed06487f405
Similarly to periodic_share_replica_snapshot_update() skip active
replicas and do what the comment above says.
Change-Id: I719c670416c06f8eb9228a3537034285ae3733b4
Partial-Bug: #1924230
Replicas are just special instances after all, no need for
duplicate code and missing on improvements like exception handling
on NotFound error.
Change-Id: I31fabebc6a60814a4cfc04ae0deb49dcb66cab0f
Closes-Bug: #1923566
Commands in the Ceph driver are directed at the mon
daemon instead of at the mgr daemon.
The driver's rados_command() calls json_command() and,
by default, json_command() calls the python
rados client's mon_command() instead of mgr_command().
By passing the target as mon-mgr, the python rados
client's mgr_command() is called as desired, and we
avoid the need of extra MON write caps.
Closes-Bug: #1923181
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
Change-Id: I5bca68070ca1eb539d53dd31cb92588840e925e8
Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: I49803f627c4c580b41e7408b2b7e0452f3758831
This patch is a follow up of [1] to address some comments
added in the review process. It also adds more unit tests to
validate the new code added.
[1] https://review.opendev.org/c/openstack/manila/+/775032
Change-Id: If7b8628fa05200363a129eb19d9dc80fb7e3bc36
Signed-off-by: Douglas Viroel <viroel@gmail.com>
When trying to create a share using a security
service while having insufficient privileges or
providing wrong credentials, manila raises a
generic user message that provides little
information to the end user on what exactly went
wrong.
Added a driver-agnostic exception for when this
happens, accompanied with a user message to
provide more useful information to end users.
Partial-Bug: #1900755
Change-Id: I2b0bc5c0715c225cd5b38b55fb3967ff7fc86fa8
This bugfix [1] modified the totalcount returned by pagination
query when the argument 'limit' was specified. It caused
manila to do not return precise count of shares in a query that
satisfied the conditions.
This bug has been fixed and now manila is returning the precise
values of shares matched in a given query. Also, manila is now
performing filtering actions in the database to have more
performatic results.
[1] https://review.opendev.org/#/c/688542/
Closes-Bug: #1860061
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Change-Id: I6ddd919bbd5180593cc52bf986912f65a2dab3a7
Adds create share from snapshot functionality to
CephFS drivers.
Depends-On: https://review.opendev.org/c/openstack/manila-tempest-plugin/+/778188
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
DocImpact
Partially-Implements: blueprint create-share-from-snapshot-cephfs
Change-Id: I825ab15af934cb37dfda48ea26ec1af9de8dd293
Use python rados client to talk to the ceph-mgr service.
A python rados client is created by the driver that lasts
during the driver's lifecycle.
The drivers can now work with multiple filesystem clusters.
The filesystem to be used by manila can be specified by the
driver option 'cephfs_filesystem_name'.
The removal of a share will be quicker for the manila user.
The ceph-mgr volumes module moves the share's content to
a trash folder and purges the trash's contents
(`rm -rf` of the backend CephFS subvolume/subtree) aysnchronously,
whereas the ceph_volume_client library moves the share's content
and purges the content synchronously.
Implements: bp update-cephfs-drivers
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
DocImpact
Change-Id: I1f81db1ba7724c0784d87f9cb92bb696f6778806
when we need to start or restart manila share service, will call
init_host().
and call ensure_driver_resources() in init_host(),
will call self.driver.ensure_shares or self.driver.ensure_share to
update all share instances in that host. Currently, only NetApp and LVM
implement self.driver.ensure_shares, Other manufacturers are using
self.driver.ensure_share.
in large-scale environment, there are lot of share instances in one
host. this will lead to take much time to ensure_share.
so we can put this operation into the thread pool to speed up the
startup of the service.
Closes-Bug: #1909847
Change-Id: I295d0de0958ebfedd89441f1a2c1b447b74693a0
if we failed to manage a share, we don't need to commit the quota usages. so
we should skip quota usages cuts when delete or unmange the share with
status of "error_manage". and the size of error_manage share should be
zero.
Closes-Bug:#1883506
Change-Id: I5c81dd6780890c55c8c6a92491c3f4f507531fdb
Add missing quotes to exportfs command to protect <world> being
interpreted as file redirect
Closes-Bug: #1911695
Change-Id: Ie95a476e9a81c58df998c3f44da137b023b53cc6
The share protocol requested was being
ignored by the scheduler and this would
cause shares to get scheduled to hosts
that don't support the specified protocol.
Change-Id: I2e87264865b645781c481383c039fecbfd7c6eb1
Closes-Bug: #1783736
In order to optimize the NetApp ONTAP driver, this patch is caching
the status of driver pools and reusing for the each share server,
given that the pool is not separated by share server.
The option `netapp_cached_aggregates_status_lifetime` is added
for controlling the time that the cached values is considered
valid.
Closes-Bug: #1900469
Change-Id: I14a059615fc29c7c173c035bb51d39e0bbb8b70a
if rabbitmq is too much pressure or blockage.scheduler
will not received service capabilities, but once the
message queue(rabbitmq) returns to normal, scheduler
will received many service capabilities, these service
capabilities are acquired by manila share at different
times, so the timestamp of service capabilities shoud
added at share manage layer(before rpc), but not
scheduler layer(after rpc), once scheduler get an newer
service capabilities, there is no need to update an
earlier service capabilities.
Closes-Bug: #1908963
Change-Id: I6ce99ed4451c5d02cb4446861fa59e55a94951a5
This patch implements support for security service updates
for in use share networks. It works with all three security
service types. For 'active_directory' and 'kerberos', the 'domain'
attribute update isn't supported, since it can might affect
user's access to all related shares.
Change-Id: I8556e4e2e05deb9b116eacbd5afe2f7c5d77b44b
Depends-On: I129a794dfd2d179fa2b9a2fed050459d6f00b0de
Depends-On: I5fef50a17bc72ba66a3a9d6f786742bcb5745d7b
Implements: bp netapp-security-service-update
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Signed-off-by: Douglas Viroel <viroel@gmail.com>
David Caro
silvacarloss
Adam Harwell
ashrod98
OpenStack Release Bot
haixin
Felipe Rodrigues
Chuan Miao
Nahim Alves de Souza
kpdev
Sam Wan
Maurice Escher
Takashi Kajinami
Victoria Martinez de la Cruz
Goutham Pacha Ravi
Simon Dodsley
Tom Barron
Kafilat Adeleke
LinPeiWen
Douglas Viroel
Ratnakaram Rajesh
Eduardo Santos
maaoyu
Elias Wimmer