0bd041a6dc
Calls an ansible role to create an LVM2 filter. Change-Id: Ia01d23e252bc48b7cc6c66cd39138e6844b90a69 Depends-On: I9781007559e074f2b102f6f90c1aed6def1b02be Closes-Bug: 1855704
24 lines
1.2 KiB
YAML
24 lines
1.2 KiB
YAML
---
|
|
features:
|
|
- |
|
|
To isolate LVM volumes created by compute guests, within Cinder volumes, from
|
|
the LVM volumes created/managed by the host itself, a new task has been
|
|
introduced to create an allowlist and denylist of devices which should be
|
|
accessible (or not) to the host, configured in lvm.conf using the
|
|
global_filter key.
|
|
The allowlist is generated gathering the list of existing in-use physical
|
|
disks (or partitions) and appending to it any user provided device passed
|
|
via `LVMFilterAllowlist` parameter.
|
|
The denylist is configured via `LVMFilterDenylist` and defaults to ['.*'],
|
|
which means it blocks any device not explicitly allowed.
|
|
Both the list parameters can be specified per-role.
|
|
The feature is, by default, disabled and can be enabled passing
|
|
`LVMFilterEnabled: true`; when disabled the existing lvm.conf won't be
|
|
touched and a version of it which includes the global_filter will be left,
|
|
for debugging, in `/tmp/tripleo_lvmfilter.conf`.
|
|
fixes:
|
|
- |
|
|
As per launchpad bug 1855704, the lvmfilter task aims at hiding to the
|
|
host the LVM2 volumes created by compute guests in Cinder volumes or
|
|
Glance images.
|