Commit Graph

154 Commits (master)

Author SHA1 Message Date
Zuul fb23a40a65 Merge "Revert "Dell PowerFlex password appears in plain text when creating a volume"" 2023-09-28 15:46:12 +00:00
Yian Zong bbc732c40e Revert "Dell PowerFlex password appears in plain text when creating a volume"
This reverts commit 33661ece80.

Reason for revert: breaks reading password from the config file

Change-Id: I840d8c4d66daf0ab8636617b42cdb47dd4313cc9
2023-09-28 07:48:06 +00:00
Zuul 07b0e4a94b Merge "Update master for stable/2023.2" 2023-09-25 14:56:44 +00:00
Zuul f3b11ddf9e Merge "Dell Powerflex: Add new VOLUME_ALREADY_MAPPED_ERROR" 2023-09-21 10:23:49 +00:00
Zuul 92d9963e6f Merge "Dell PowerFlex password appears in plain text when creating a volume from an image" 2023-09-20 22:15:07 +00:00
tony-saad 33661ece80 Dell PowerFlex password appears in plain text when creating a volume
from an image

This patch fixes the issue of password getting writen in plain text in
logs while creating a new volume. It created a new logger with default
log level at error.

Closes-Bug: #2003179
Change-Id: I0292a30f402e5acddd8bbc31dfaef12ce24bf0b9
2023-09-20 10:47:06 +00:00
tony-saad 42d9a89280 Dell Powerflex: Add new VOLUME_ALREADY_MAPPED_ERROR
Dell Powerflex 4.x changed the error code of VOLUME_ALREADY_MAPPED_ERROR
to 4037. This patch adds that error code.

Closes-Bug: #2013749
Change-Id: I928c97ea977f6d0a0b654f15c80c00523c141406
2023-09-20 08:47:24 +02:00
OpenStack Release Bot 034a6f247a Update master for stable/2023.2
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: I25bef272ded6c7c963c6ad0f95103fe421fa8fe7
2023-09-08 14:55:39 +00:00
Rajat Dhasmana 1435059da5 Check paths before extending device
In a multipath enabled deployment, when we try to extend a volume
and some paths are down, we fail to extend the multipath device and
leave the environment in an inconsistent state. See LP Bug #2032177
for more details.

To handle this, we check if all the paths are up before trying to
extend the device and fail fast if any path is down. This ensures
we don't partially extend some paths and leave the other to the
original size leading to inconsistent state in the environment.

Closes-Bug: 2032177

Change-Id: I5fc02efc5e9657821a1335f1c1ac5fe036e9329a
2023-08-24 11:40:32 +00:00
Zuul eb76f8283e Merge "NVMe-oF: Create /etc/nvme/hostid" 2023-08-24 08:35:34 +00:00
Gorka Eguileor 16c90d5fe9 NVMe-oF: Create /etc/nvme/hostid
The NVMe-oF connector currently create the `/etc/nvme/hostnqn` file if
it doesn't exist, but it may still be missing the `/etc/nvme/hostid`

Some distribution packages create the file on installation but others
may not.

It is recommended for the file to be present so that nvme doesn't
randomly generate it.

Randomly generating it means that the value will be different for the
same storage array and the same volume if we connect, disconnect, and
connect the volume again.

This patch ensures that the file will exist and will try to use the
system's UUID as reported by DMI or a randomly generated one.

Closes-Bug: #2016029
Change-Id: I0b60f9078f23f8464d8234841645ed520e8ba655
2023-08-23 19:02:42 +02:00
Gorka Eguileor 59961647d3 SCSI: Support non SAM LUN addressing
This patch adds non SAM addressing modes for LUNs, specifically for
SAM-2 and SAM-3 flat addressing.

Code has been manually verified on Pure storage systems that uses SAM-2
addressing mode, because it's unusual for CI jobs to have more than
256 LUNs on a single target.

Closes-Bug: #2006960
Change-Id: If32d054e8f944f162bdc8700d842134a80049877
2023-08-23 12:19:11 +02:00
Zuul 0a5d4c1506 Merge "Fix multipath resize map with friendly names" 2023-08-17 00:56:26 +00:00
Rajat Dhasmana 75714711f2 Fix multipath resize map with friendly names
When multipath is enabled and friendly names are ON and we try
to extend a volume, we pass the SCSI WWID to the multipath_resize_map
method which is not correct.

There are 2 things we can pass to the multipathd resize map command:

1) Multipath device (eg: dm-0)
2) Alias (eg: mpath1) or UUID (eg: 36005076303ffc56200000000000010aa)

The value should be an alias (mpath1) when friendly names are ON
and UUID (36005076303ffc56200000000000010aa) when friendly names
are OFF. However, we only pass the UUID irrespective of the value
set for friendly names.

This patch passes the multipath device path (to multipathd resize
map command) which is the real path of the multipath device (/dev/dm-*).
This fixes the issue as it passes the same value irrespective of if
the friendly names are ON or OFF.

-> self.multipath_resize_map(os.path.realpath(mpath_device))

(Pdb) mpath_device

(Pdb) os.path.realpath(mpath_device)

Closes-Bug: 1609753
Change-Id: I1c60af19c2ebaa9de878cd07cfc0077c5ea56fe3
2023-07-27 21:12:52 +00:00
Eric Harney edc1bc433b nvmeof: Call findmnt with -v
The -v arg suppresses printing of [/dir] with the
device for bind mounts and btrfs volumes, which is
what we want for this usage.

This fixes _get_host_uuid() failing when using
a btrfs rootfs.

Closes-Bug: #2026257
Change-Id: I2d8f24193ecf821843bf8f4ea14b445561d6225c
2023-07-12 12:23:39 -04:00
Gorka Eguileor 570df49db9 Support force disconnect for FC
This patch adds support for the force and ignore_errors on the
disconnect_volume of the FC connector like we have in the iSCSI

Related-Bug: #2004555
Change-Id: Ia74ecfba03ba23de9d30eb33706245a7f85e1d66
2023-04-24 11:39:37 +02:00
OpenStack Release Bot a0bc09ba50 Update master for stable/2023.1
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: Ic3ac791f083aa097412dc9075a6b20f2b148db02
2023-02-24 17:34:50 +00:00
Gorka Eguileor a82b2ffce5 Support separate privsep logging levels
Currently we don't have os_brick DEBUG log levels in Nova when setting
the service to debug mode.

That happens because Nova is forcefully setting oslo.privsep.daemon
levels to INFO to prevent leaking instance XML details (bug #1784062).

Oslo Privsep now supports per-context debug log levels, so this patch
sets the log level name for its only os_brick privsep context to
"os_brick.privileged" to differentiate it from the service it runs under
which uses the default "oslo_privsep.daemon".

This way even though Nova is still disabling its own privileged calls it
won't affect os-brick privileged calls, allowing us to properly debug
block device attach/detach operations.

Closes-Bug: #1922052
Related-Bug: #1784062
Change-Id: I0de32021eb90ca045845a6c7c7e3d27e52895948
2023-01-26 17:02:22 +01:00
OpenStack Release Bot 5a523e0539 Update master for stable/zed
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: Ia775c42636307fa35d0612937e4c949c0cc2193b
2022-09-09 10:27:45 +00:00
Gorka Eguileor 1cb6d3e1f1 Support shared_targets tristate value
Cinder microversion 3.69 adds an additional value to shared_targets
beyond true and false.  Now null/None is also a valid value that can be
used to force locking.

So we now have 3 possible values:

- True ==> Lock if iSCSI initiator doesn't support manual scans
- False ==> Never lock.
- None ==> Always lock.

This patch updates the guard_connection context manager to support the
3 possible values.

With this Cinder can now force locking for NVMe-oF drivers that share

Closes-Bug: #1961102
Depends-On: I8cda6d9830f39e27ac700b1d8796fe0489fd7c0a
Change-Id: Id872543ce08c934cefbbbdaff6ddc61e3828b1f1
2022-07-26 16:28:36 +02:00
Gorka Eguileor 4c21b40df2 NVMe-oF: Consolidate code paths
We currently have 2 different connection information formats: The
initial one and the new one.

Within the new format we have 2 variants: Replicated and Not replicated.

Currently the nvmeof connector has multiple code paths and we end up
finding bugs that affect one path and not the other, and bugs that are
present in both may end up getting fixed in only one of them.

This patch consolidates both formats by converting the connection
information into a common internal representation, thus reducing the
number of code paths.

Thanks to this consolidation the Cinder drivers are less restricted on
how they can identify a volume in the connection information.  They are
no longer forced to pass the NVMe UUID (in case they cannot get that
information or the backend doesn't support it) and they can provide
other information instead (nguid or namespace id).

This connection properties format consolidation is explained in the new
NVMeOFConnProps class docstring.

By consolidating the code paths a number of bugs get fixed
automatically, because they were broken in one path but not in the
other.  As examples, the old code path didn't have rescans but the new
one did, and the old code path had device flush but the new one didn't.

Given the big refactoring needed to consolidate everything this patch
also accomplishes the following things:

- Uses Portal, Target, and NVMeOFConnProps classes instead of using the
  harder to read and error prone dictionaries and tuples.

- Adds method annotations.

- Documents most methods (exect the raid ones which I'm not familiar

- Adds the connector to the docs.

- Makes method signatures conform with Cinder team standards: no more
  static methods passing self and no more calling class methods using
  the class name instead of self.

Closes-Bug: #1964590
Closes-Bug: #1964395
Closes-Bug: #1964388
Closes-Bug: #1964385
Closes-Bug: #1964380
Closes-Bug: #1964383
Closes-Bug: #1965954
Closes-Bug: #1903032
Related-Bug: #1961102
Change-Id: I6c2a952f7e286f3e3890e3f2fcb2fdd1063f0c17
2022-07-19 12:40:57 +02:00
Gorka Eguileor a9a53f9b50 LUKS: Support extending host attached volumes
Patch fixing bug #1861071 resolved the issue of extending LUKS v1
volumes when nova connects them via libvirt instead of through os-brick,
but nova side still fails to extend LUKSv2 in-use volumes when they
don't go through libvirt.

The logs will show a very similar error, but the user won't know that
this has happened and Cinder will show the new size:

 libvirt.libvirtError: internal error: unable to execute QEMU command
 'block_resize': Cannot grow device files

There are 2 parts to this problem:

- The device mapper device is not automatically extended.
- Nova tries to use the encrypted block device size as the size of the
  decrypted device.

This patch adds new functionality to the encryptors so that they can
extend decrypted volumes to match the size of the encrypted device.

New method added to encryptors is called "extend_volume", and should be
called after the homonymous method in the connector has been called, and
the value returned by the encryptor's extend_volume method is the real
size of the decrypted volume (encrypted volume - headers).

The patch only adds functionality for LUKS and LUKSv2 volumes, not to
cryptsetup volumes.

Related-Bug: #1967157
Change-Id: I351f1a7769c9f915e4cd280f05a8b8b87f40df84
2022-07-19 12:36:53 +02:00
Zuul a944ffc48a Merge "Support independent file lock path" 2022-07-15 19:01:27 +00:00
Zuul cd29061b94 Merge "NVMe-oF: Remove misleading exception from logs" 2022-07-15 15:19:59 +00:00
Gorka Eguileor b72c034885 Support independent file lock path
OS-Brick uses file locks to ensure single access to critital sections,
and uses the oslo concurrency "lock_path" configuration option to
determine where to create these locks.

This is fine when each host has a single service using os-brick, which
is the case of Compute nodes and Controller nodes where Glance is not
using Cinder as its backend.

The problem happens when we have an HCI deployment where Cinder and Nova
are collocated on the same host or when Glance uses Cinder as its
backend and is running on the same host.  In those scenarios os-brick
will create file locks in different paths for each service, which is not
the intended behavior.

A possible solutions is to set the "lock_path" of all the services to
the same location, which is not great, not only because we'll have all
nova, cinder, glance, and os-brick locks mixed in a single location
(service prefixes help a bit here), but also because then Cinder will
have permissions on the Nova and Glance locks, which doesn't seem right.

This patch introduces a new mechanism in os-brick to have its own
"lock_path" configuration option in the "os_brick" group.  It defaults
to the current behavior if not explicitly defined, so it will use olso
concurrency's "lock_path".

To do this the patch introduces the oslo.config dependency and adds a
new "setup" method that sets the default of the os_brick "lock_path".

This new "setup" method is required because the order in which
configuration options for the different namespaces are imported cannot
be guaranteed, so the setup must be called *after* the service has
already imported all (or at least the ones os-brick cares about)
configuration option namespaces.

In other words, when os-brick files are loaded the value for oslo
concurrency's "lock_path" is not yet known, so it cannot be used as a
default, and the oslo_config substitution feature does not support
values from other namespaces, so we cannot default the "lock_path" from
the os_brick namespace to the value in "oslo_concurrency".

Since the value that is going to be used as the "lock_path" is not known
until the "setup" method is called, we cannot use the standard
"synchronized" method from "oslo_concurrency.lock_utils" and we need to
use our own.

In the current os-brick code, each connector that requires a lock is
importing and creating its own "synchronized" instance, but this patch
changes this behavior and creates a single instance, just like Cinder

This feature requires changes in multiple projects -os-brick, cinder,
nova, glance, glance_store, devstack- to be fully supported, but this is
the base of all this effort.

Change-Id: Ic52338278eb5bb3d90ce582fe6b23f37eb5568c4
2022-07-15 09:21:19 +00:00
Gorka Eguileor dde8f102b7 RBD: Fix disconnect_volume for encrypted volumes
After change Ie373ab050dcc0a35c749d9a53b6cf5ca060bcb58 closing bugs
connector was broken for encrypted volumes:

<== disconnect_volume:
   exception (0ms) AttributeError("'RBDVolumeIOWrapper' object has
   no attribute 'startswith'") trace_logging_wrapper

This hapens because "_device_path_from_symlink" doesn't take into
account of the file handle, and we were missing a unit test for this

Closes-Bug: #1981455
Change-Id: Ib001e2b4d1347754c2b46730bc10d86e8cdab7ad
2022-07-12 16:31:43 +02:00
Gorka Eguileor c5076c37cb Read HBA information from sysfs
We were gathering HBA information using the systool command line tool,
but this tool is no longer going to be packaged in some Operating
Systems, for example in RHEL9 where the sysfsutils package is being

To prevent os-brick from breaking in those systems this patch removes
the usage of the command and reads the necessary information from sysfs.

Conveniently reading from sysfs should also be faster because we no
longer need to make a privsep call to run a command, instead we are
reading the minimum number of files and information possible.

Change-Id: Idb8b0c22a30e52c7f84a54dd9f410ff657f502a4
2022-06-24 13:04:55 +02:00
Zuul 7f747456dc Merge "Avoid volume extension errors caused by multipath-tools version" 2022-06-07 09:14:30 +00:00
Zuul 4b9684702a Merge "Add NVMeoF Multipathing support Phase 1 (Native) implementation of NVMeoF Multipathing." 2022-06-06 14:56:38 +00:00
Lior Friedman 4d0103dddb Add NVMeoF Multipathing support
Phase 1 (Native) implementation of NVMeoF Multipathing.

Change-Id: I3af33c5e43cfb104e436fb785b08fb28b50a031a
2022-06-06 06:14:04 +00:00
zhaoleilc 557f38677a Avoid volume extension errors caused by multipath-tools version
`multipathd reconfigure` is an asynchronous command as of
multipath-tools 0.6.1 [1][2], potentially even before that [3].

Extending in-use iSCSI or FC volumes can fail because of that
as `multipathd resize map` will output "timeout" while the
"multipathd reconfigure" operation is still in progress.

This commit will ensure that multipathd errors are handled
accordingly, retrying in case of timeouts for up to 2 minutes.

[3] b21c567961/multipathd/cli_handlers.c (L847-L851)

Change-Id: I66e866700728eee7160f48455258c3974ada55bf
Closes-Bug: #1888675
2022-05-27 10:47:54 +03:00
Gorka Eguileor 1583a5038d Fix encryption symlink issues
This patch fixes 2 issues related to the symlinks, or lack of, that
connectors' connect_volume methods return.

Some connectors always return the block device instead of a symlink for
encrypted volumes, and other connectors return a symlink that is owned
by the system's udev rules.  Both cases are problematic

Returning the real device can prevent the encryptor connect_volume to
complete successfully, and in other cases (such as nvmeof) it completes,
but on the connector's disconnect volume it will leave the device behind
(i.e., /dev/nvme0n1) preventing new connections that would use that same
device name.

Returning a symlink owned by the system's udev rules means that they can
be reclaimed by those rules at any time.  This can happen with
cryptsetup, because when it creates a new mapping it triggers udev rules
for the device that can reclaim the symlink after os-brick has replaced

This patch creates a couple of decorators to facilitate this for all
connectors. These decorators transform the paths so that the callers
gets the expected symlink, but the connector doesn't need to worry about
it and will always see the value it returns regardless of what symlink
the caller gets.

From this moment onwards we use our own custom symlink that starts with

The patch fixes bugs in other connectors (such as the RBD local
connection), but since there are no open bugs they have not been

Closes-Bug: #1964379
Closes-Bug: #1967790
Change-Id: Ie373ab050dcc0a35c749d9a53b6cf5ca060bcb58
2022-05-24 15:01:00 +02:00
Ghanshyam Mann 6ca48e79ba Update python testing as per zed cycle teting runtime
In Zed cycle, we have dropped the python 3.6/3.7[1] testing
and its support.


Change-Id: I0373229fdceabb38a56ed9b94c5ef561b79577b3
2022-05-10 19:50:04 -05:00
Gorka Eguileor e17bdf969b NVMe-oF: Remove misleading exception from logs
When disconnecting a non-replicated volume that uses the newer
connection properties format we'll get some exception trace logs that
could make us think that something went wrong, when in reality this is

Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: DEBUG oslo.privsep.daemon [-] privsep: Exception during request[95eb2bcc-e4eb-4f5b-b823-56fd7aa338c6]: Unexpected error while running command.
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Command: blkid /dev/nvme0n2 -s TYPE -o value
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Exit code: 2
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Stdout: ''
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Stderr: '' {{(pid=988326) _process_cmd /usr/local/lib/python3.6/site-packages/oslo_privsep/}}
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Traceback (most recent call last):
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:   File "/usr/local/lib/python3.6/site-packages/oslo_privsep/", line 476, in _process_cmd
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:     ret = func(*f_args, **f_kwargs)
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:   File "/usr/local/lib/python3.6/site-packages/oslo_privsep/", line 274, in _wrap
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:     return func(*args, **kwargs)
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:   File "/opt/remote_brick/os_brick/privileged/", line 197, in execute_root
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:     return custom_execute(*cmd, shell=False, run_as_root=False, **kwargs)
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:   File "/opt/remote_brick/os_brick/privileged/", line 146, in custom_execute
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:     on_completion=on_completion, *cmd, **kwargs)
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:   File "/usr/local/lib/python3.6/site-packages/oslo_concurrency/", line 441, in execute
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]:     cmd=sanitized_cmd)
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: oslo_concurrency.processutils.ProcessExecutionError: Unexpected error while running command.
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Command: blkid /dev/nvme0n2 -s TYPE -o value
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Exit code: 2
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Stdout: ''
Mar 09 11:14:42 localhost.localdomain nova-compute[988198]: Stderr: ''

This patch calls the command execution in a way that no longer shows
such exception.

Closes-Bug: #1964389
Change-Id: I1c54e1ff3026cffe49b303f01e43d1b90d0bf3bc
2022-03-17 15:52:23 +01:00
OpenStack Release Bot 56bf0272b5 Update master for stable/yoga
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: I8f2e1f690e3f47f7f34c7dfe53886be129e3d891
2022-02-18 15:32:57 +00:00
Zuul feb62fa228 Merge "Failure to generate hostnqn in case missing "show-hostnqn" sub-command" 2022-02-17 19:47:19 +00:00
yuval brave 26620473fe Failure to generate hostnqn in case missing "show-hostnqn" sub-command
- openstack version: Xena
- kolla on ubuntu focal 20.04
the installed version of nvme is 1.9, this version doesn't have the
command "show-hostnqn".
In case of missing hostnqn file, it will fail to create hostnqn
the exit error code is 231 and is not caught by the
try-except block.

Here we try to parse the stdout to check if the
subcommand (show-hostnqn) is not supported.
if its not, we continue to try and create the hostnqn.

Change-Id: I318f167baa0ba7789f4ca2c7c12a8de5568195e0
2022-02-17 11:03:31 +02:00
Brian Rosmaita 6fc125b036 Add "known issues" note to yoga os-brick release
Change-Id: Id3af3d430ac133ae870fa5fd9e20f136d0f55fe3
2022-02-16 14:29:12 -05:00
Zuul 4586b45e76 Merge "Fix PowerFlex connector HTTPS certificate validation" 2022-02-14 18:33:20 +00:00
Zuul a6abad02a0 Merge "nvmeof connector utilize replica_count" 2022-02-14 18:06:58 +00:00
Zuul 8ae8179d5c Merge "NVMeOF connector support multipath-enabled kernels" 2022-02-14 18:06:56 +00:00
Zohar Mamedov 49114867f9 nvmeof connector utilize replica_count
nvmeof connector methods handling volumes with volume_replicas should
utilize replica_count parameter in connection_information to
determine method of device exposure to host

Closes-Bug: #1938870
Change-Id: I629b80b208295c0e6bc9f18ad8e6905759e6593e
2022-02-09 08:14:30 +00:00
Zohar Mamedov 5614196e53 NVMeOF connector support multipath-enabled kernels
Use the '/sys/class/block/<ctrl>n*' form for finding nvme devices.
This way is more generic, and is mainly beneficial because the device name format does not change as it does in '/sys/class/nvme-fabrics/ctl/*' - where it is 'nvme*c*n*' vs 'nvme*n*' for multipath-enabled vs disabled kernels.

Closes-Bug: #1943615
Change-Id: Ib8e5d79e7dbae0867c794f35ff3350419d2cdf09
2022-02-02 10:41:38 +00:00
Muli Ben-Yehuda 593870338e releasenotes: add Lightbits LightOS connector release note
Signed-Off-By: Muli Ben-Yehuda <>
Change-Id: Idb9c9b711bf729e8f8dfd83db2e81f6f95a4f789
2022-02-02 08:45:25 +00:00
Gorka Eguileor 6a43669edc Use file locks in connectors
Currently os-brick is using in-process locks that will only prevent concurrent
access to critical sections to threads within a single process.

But based on the comment from iSCSI it seems like the code assumed that
these were file based locks that prevented concurrent access from
multiple processes.

Mentioned iSCSI comment is being removed because it's not correct that
our current retry mechanism will work with connect and disconnect
concurrency issues.

The reason why we haven't seen errors in Nova is because it runs a
single process and locks will be effective.

This is probably also not an issue in some transport protocols, such as
FC and RBD, and it wouldn't be an issue in iSCSI connections that don't
share targets.

But for others, such as  iSCSI with shared targets and NVMe-OF, not
using file locks will create race conditions in the following cases:

- More than 1 cinder backend: Because we can have one backend doing a
  detach in a create volume from image and the other an attach for an
  offline migration.

- Backup/Restore if backup and volume services are running on the same

- HCI scenarios where cinder volume and nova compute are running on the
  same host, even if the same lock path if configured.

- Glance using Cinder as backend and is running on the same node as
  cinder-volume or cinder-backup.

The problematic race conditions happen because the disconnect will do a
logout of the iSCSI target once the connect call has already confirmed
that the session to the target exists.

We could just add the file locks to iSCSI and NVMe, but I think it's
safer to add it to all the connectors and then, after proper testing, we
can can change back the locks that can be changed, and remove or reduce
the critical section in others.

Closes-Bug: #1947370
Change-Id: I6f7f7d19540361204d4ae3ead2bd6dcddb8fcd68
2021-11-11 15:52:21 +01:00
Zuul d0e7622991 Merge "multipath/iscsi: iSCSI connections are not reinitiated after reboot" 2021-10-07 22:31:39 +00:00
Sophie Huang 8832c53899 multipath/iscsi: iSCSI connections are not reinitiated after reboot
After compute host reboot, in an iSCSI/multipath environment, some
of the connections to the iSCSI portal are not reinitiated and missing
iSCSI devices are observed. This patchset introduced retries for this
particular scenario.

Closes-Bug: #1944474
Change-Id: I60ee7421f7b792e8324286908a9fdd8fb53e433e
2021-10-06 14:34:26 +00:00
Vladislav Belogrudov dd90bb6356
Fix paths for NVMe devices (non-nguid)
Fixed regression introduced by, where
connect_volume method returned a list with a single path instead of
just the path.

Closes-Bug: #1945323
Change-Id: I5e5b13dd73ab8d30439de76dd73eb41b763e7f05
2021-09-30 18:16:27 +03:00
olegnest adde4de38d Fix PowerFlex connector HTTPS certificate validation
Closes-Bug: #1929223

Change-Id: Ia73c391d2fafde119e0bb4914c30b48b4300e330
2021-09-23 20:38:14 +03:00
OpenStack Release Bot 5c311d1aca Update master for stable/xena
Add file to the reno documentation build to show release notes for

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on

Sem-Ver: feature
Change-Id: Ia92a0a3bb448f1de77038d83ca81056589a05cbc
2021-08-23 20:49:00 +00:00