This change replaces all uses of rootwrap with a trivial privsep-based
equivalent. This replacement simply executes commands as the privsep
user *without any additional checks*.
There are 2 reasons why this is a reasonable thing to do:
1. We don't have a good workflow for merging rootwrap filter changes
into parent projects (nova/cinder) for a loosely-coupled library like
os-brick.
2. The previous situation was also insecure. The os-brick.filters
rootwrap config permitted commands like "dd" and "cp" with any
arguments, as root. This would have posed only a mild inconvenience
to an attacker. With privsep we can at least (in principle) limit
the commands to the privsep uid/gid and Linux
capabilities (CAP_SYS_ADMIN by default with this change).
This change addresses the urgency of (1). Later refactors will take
greater advantage of privsep to address (2).
Change-Id: I0af542eba97d2f89b1c283bf1e1e985d9690f5de
Depends-On: I90dc41bc77993bd83b80c92286e015e14f290b45
# nova: nova.conf: Set privsep_rootwrap.helper_command
Depends-On: I4e333e73ddfd45c045b9d32dac1506fc25858c4d
# nova: Add os-brick rootwrap filter for privsep
Depends-On: I8a0b1728cc66c4861f69623b1b16b1f759b57b25
# cinder: cinder.conf: Set privsep_rootwrap.helper_command
Depends-On: I3b2e337321875cf4abc0ab9b44fe17cf9327d88b
# cinder: Add os-brick rootwrap filter for privsep
Depends-On: I4299c2fc059807610f83e12a2d470e020930c64c
# privsep: Switch to msgpack for serialization
Depends-On: Ied1ef4fc945e18516b39d1f20d58425cb633dc74
# requirements: require oslo.privsep>=1.5.0 for msgpack fix
This is a staticmethod, so it should be called via
the LVM class.
pylint:
["Instance of 'BrickLvmTestCase' has no 'fail' member", ""]
Change-Id: I5165606df4965103b114dceb6b0bcc384aa4fe80
For ISCSIConnector, _get_multipath_device_name is used for discovery
of a multipath device. However, the functionality is duplicated with
InitiatorConnector's _discover_mpath_device.
_discover_mpath_device is more generic. So get_multipath_device_name
should be replaced.
This patch removes _get_multipath_device_name from ISCSIConnector and
replace it with _discover_mpath_device. And the related tests are removed.
Change-Id: I15e2cfe48468b52090b677a2b1c6175420a8c9ec
Close-Bug: #1550651
There was a case where the InitiatorConnector's
get_all_available_volumes function was returning None
instead of an empty list. It was happening when the search
path did not exist on the system.
This patch changes the logic so that by default an empty list
is always returned.
Closes-Bug: #1553445
Change-Id: I180a9280d3b1f2f645d7240129f00755d17958a2
The "Scaling backup service" patch [1] in Cinder (merged a couple of days
ago) uses os-brick to perform a local attach volume. It revealed that the
support for Scality SOFS in os-brick was broken. (we did have a CI in
Cinder but the os-brick code path was not fully exercised until [1] merged).
This patch addresses this issue. The patch introduces a new class called
`ScalityRemoteFsClient` which inherits from `RemoteFsClient`. We can't
strictly use the `RemoteFsClient` because how to mount Scality FS is
a bit different from other FS.
Note that without this patch, the Scality Cinder driver is broken, more
precisely cinder backup is broken. So I would appreciate if we can merge
that for Mitaka (which needs another minor/micro(?) release of os-brick)
[1] https://review.openstack.org/#/c/262395/
Change-Id: Icfa09b124d252d1d6b07d9cff8c63c7c0d65cc30
A __init__.py file was missing. Also fix a unit test which failed
with 'TypeError: _patch_object() takes at least 2 arguments (1 given)'
Change-Id: I92e36ca1978d497f42573b61b6b1b03bbbd35f23
No need to actually wait in unit tests. This patch decreases the unit
tests run time by about 24 seconds.
Change-Id: I502e15e0fd2d8238f6b6b7089eb38d4d7b55114b
This fixes the logic in how we set the multipath_id in the device_info.
If the returned multipath_id is None, we didn't find a multipath device
and we don't set the multipath_id. This is exactly what we do for FC.
Change-Id: Ic1f598da59ccda634b765d65706e02d1a4caff30
Closes-Bug: #1547539
This patch is to add sheepdog connection in os-brick.
Most of codes are referred from sheepdog in volume drivers.
Change-Id: I358e66e11ba1c44741fdaed41eb7eb66706f92fb
The multipath -ll output is logged at debug level but by
default debug level logging is disabled. If we fail to parse
the output of multipath -ll to get the device map, we should
include the command output in the warning message since INFO+
logging is enabled by default.
Change-Id: Ib66c254e6eb4394382fc928d833a3a1818336b9b
Closes-Bug: #1546773
In the refactoring of the multipath discovery code from the FC connector
we missed a class member in FC getting migrated into the base class.
This resulted in the original path not existing in the base class and
in turn breaking iSCSI multipath.
Change-Id: I7492fdf0d6d4ec6a17a937d88895449f946a1c3c
Closes-Bug: #1545198
This patch addresses the issue where lun id's values are larger
than 255 and are being kept as integers. This causes the volume and
search paths to be malformed and volumes can't be found. This patch
adds two functions to linuxscsi.py to process the lun id's; they can
process both a single lun id and a list of them. If a lun id has a
value larger than 255 it is converted to hex. This patch also modifies
the necessary unit tests and adds ones to cover the new main function.
Change-Id: Ib0b2f239a8152275de9ea66fa99a286dfbe53d57
Closes-bug: #1493350
The paths returned from the InitiatorConnector's
get_all_available_volumes function had a typo
where one of the forward slashes was missing.
Example:
/dev/disk/by-pathfake-ip-lun0
This patch revises the way the paths are queried so that the
forward slash is included.
Example:
/dev/disk/by-path/fake-ip-lun0
Closes-Bug: #1543238
Change-Id: I7eea70a32549c9d18820a5ce2155ecf93250158e
When failed to execute "multipath -l" in find_multipath_device,
raise an exception instead of printing warning only.
Change-Id: I593b49d1637c7077e51a2db343e5b1eec3053536
Closes-Bug: #1519363
This patch continues work on making the connect_volume methods
more efficient. Using multipath -l to find the available multipath
devices can take a lot of time listing all of the potential
devices. Previously, the FC connector had been modified to skip
the use of multipath -l.
This patch takes the FC code and makes it into a generic method to
be used in the ISCSI connector and the FC connector and updates tests.
I also fixed argument order in assertEquals() in the
test_connect_volume_with_multipath() function.
Closes-Bug: #1487169
Change-Id: If480df7c17a6f1c2ecebc0e00f5938d3056776fd
This patch adds strip() call to the return value
of the blockdevice call to fetch the size. Sometimes we get a newline
after the size value.
Change-Id: I5917c0ad1a94b9d8ca6a41b278f9156193198a1d
Closes-Bug: #1535913
This commit adds the os-brick connector for the
ITRI DISCO cinder driver
This commit also includes the ITRI DISCO connector unit test.
The cinder driver itself has been commited in cinder but not merged yet.
( ref : https://review.openstack.org/#/c/253356/ )
I first commit this connector, then the part in nova
( ref : https://review.openstack.org/#/c/253353/ )
finally I committed the connector in cinder
Note that the patch for nova requires this commit to be merged
to pass the unit test.
Change-Id: I81036a58ab334a7e047f7fa5486c11fd19d24b8f
Implements: blueprint disco-driver-cinder
This patch adds the new extend_volume API to the connector objects.
The purpose of this patch is to add the ability to notify the host
kernel when an attached volume has been resized. This allows both
raw device paths and multipath devices to get new sizes on the fly
without detaching and then reattaching to the host.
Cinder Spec:
https://review.openstack.org/#/c/243730/
To manually test:
Use the brick_resize.py tool here:
https://github.com/WaltHP/diediedie/blob/master/diediedie/brick_resize.py
sample brick.conf to output debug logging for the brick_resize.py tool
https://gist.github.com/WaltHP/e9b71e0ea1b1d9097762
After a successful resize, find the virt domain name
then run
virsh blockresize <domain name> <path to raw device> <new size>
for example,
blockresize instance-00000007 /dev/disk/by-id/dm-uuid-mpath-350002ace1dda383d 3145728
Implements blueprint: brick-extend-attached-volume
Change-Id: I19858dd47afe3bdb3dd25c1dfead732a804cdee2
Walter A. Boring IV