From 98713d69acd2fcc83f1f7589ac722c4c16f6976c Mon Sep 17 00:00:00 2001 From: Lee Yarwood Date: Mon, 1 Mar 2021 14:11:06 +0000 Subject: [PATCH] libvirt: Deprecate disable_native_luksv1 and rbd_volume_local_attach As noted at the time these workarounds are no longer required given the underlying performance regressions have been resolved in libgcrypt. Change-Id: Ibb718003ba614738eabbc797da3d0203eac5468c --- nova/conf/workarounds.py | 24 ++++++++++++------- ...isable_native_luksv1-39680763607b5a59.yaml | 13 ++++++++++ 2 files changed, 29 insertions(+), 8 deletions(-) create mode 100644 releasenotes/notes/libvirt-workarounds-deprecate-rbd_volume_local_attach-and-disable_native_luksv1-39680763607b5a59.yaml diff --git a/nova/conf/workarounds.py b/nova/conf/workarounds.py index 8eadc0b6ec3a..53a9f3d417a0 100644 --- a/nova/conf/workarounds.py +++ b/nova/conf/workarounds.py @@ -271,12 +271,15 @@ Related options: * ``compute_driver`` (libvirt) * ``[libvirt]/images_type`` (rbd) """), - # TODO(lyarwood): Remove this workaround in the W release once all - # supported distros have rebased to a version of libgcrypt that does not - # have the performance issues listed below. cfg.BoolOpt( 'disable_native_luksv1', default=False, + deprecated_for_removal=True, + deprecated_since='23.0.0', + deprecated_reason=""" +The underlying performance regression within libgcrypt that prompted this +workaround has been resolved as of 1.8.5 +""", help=""" When attaching encrypted LUKSv1 Cinder volumes to instances the Libvirt driver configures the encrypted disks to be natively decrypted by QEMU. @@ -302,11 +305,16 @@ Related options: * ``compute_driver`` (libvirt) * ``rbd_block_device`` (workarounds) """), - # TODO(lyarwood): Remove this workaround in the W release when the - # above disable_native_luksv1 configurable is removed. - cfg.BoolOpt('rbd_volume_local_attach', - default=False, - help=""" + cfg.BoolOpt( + 'rbd_volume_local_attach', + default=False, + deprecated_for_removal=True, + deprecated_since='23.0.0', + deprecated_reason=""" +The underlying performance regression within libgcrypt that prompted this +workaround has been resolved as of 1.8.5 +""", + help=""" Attach RBD Cinder volumes to the compute as host block devices. When enabled this option instructs os-brick to connect RBD volumes locally on diff --git a/releasenotes/notes/libvirt-workarounds-deprecate-rbd_volume_local_attach-and-disable_native_luksv1-39680763607b5a59.yaml b/releasenotes/notes/libvirt-workarounds-deprecate-rbd_volume_local_attach-and-disable_native_luksv1-39680763607b5a59.yaml new file mode 100644 index 000000000000..138802f3a5bb --- /dev/null +++ b/releasenotes/notes/libvirt-workarounds-deprecate-rbd_volume_local_attach-and-disable_native_luksv1-39680763607b5a59.yaml @@ -0,0 +1,13 @@ +--- +deprecations: + - | + The ``[workarounds]rbd_volume_local_attach`` and + ``[workarounds]disable_native_luksv1`` options have been deprecated as of + the 23.0.0 release ahead of removal in the future as the underlying + ``libgcrypt`` performance regressions that prompted their introduction have + been resolved. + + Any remaining users of these workarounds should plan to disable these + workarounds as soon as possible. Note that this requires that any instances + on compute hosts using the workaround be shutdown ahead of the value of the + workaround changing, before being restarted.