The change is being reverted as it broke the Brocade FC SAN lookup
functionality. The change uses configuration options from
ssh_utils that are not initialized when the Brocade driver is
run causing an exception to be thrown complaining that
CONF.ssh_hosts_key_file is used before it is initialized.
The right solution is to change the Brocade driver to use ssh_utils to
make SSH connections.
Adam Gandelman [Thu, 4 Dec 2014 20:22:25 +0000 (12:22 -0800)]
Remove check_uptodate.sh check from tox.ini
This removes the check_uptodate.sh test from the py2* tox envs and
run_tests.sh. It also syncs the sample config one last time to document
some new options available to users running with the newer
oslo.messaging versions.
The backing VM corresponding to a volume is cloned during create volume
from another volume, snapshot or image. The backing VM is also cloned
during retype and backup restore. Currently, the target ESX host is
unset while calling vCenter CloneVM_Task API and hence the source ESX
host is used as the target. If the destination datastore returned by
the datastore selection logic is not accessible to the source host,
clone fails. This patch fixes the problem by setting the target ESX
host (returned by datastore selection logic) while invoking clone.
Vincent Hou [Fri, 10 Oct 2014 07:46:36 +0000 (15:46 +0800)]
IBM Storwize driver: Add local variable assignment to "ctxt"
* The method get_vdisk_params in helpers.py is missing a local variable
assignment for "ctxt", causing "UnboundLocalError: local variable
'ctxt' referenced before assignment. Adding the assignment should
resolve this issue.
* Add the unit tests coverage for get_vdisk_params.
Lucian Petrut [Fri, 14 Nov 2014 16:22:04 +0000 (18:22 +0200)]
Change CHAP secret default length
Some of the iSCSI initiators have a limit regarding the maximum
CHAP secret length. For example, the MS iSCSI Initiator
does not allow CHAP secrets longer than 16 characters, smaller
than the actual default 20 characters length.
This patch simply changes the default length to 16 characters,
value which is already used by default by some of the volume
drivers. In fact, the iSCSI specs state that: "Implementations
MUST support use of up to 128 bit random CHAP secrets".
Tomoki Sekiyama [Mon, 20 Oct 2014 18:32:55 +0000 (14:32 -0400)]
TgtAdm: Don't change CHAP username/password on live migration
As tgtd doesn't update CHAP username/password while the initiator is
connected, CHAP username/password must not be changed while a Nova
instance are performing live-migration; otherwise the compute node
which the instance migrates to cannot login to the volume and the
migration process is aborted.
This fixes TgtAdm implementation not to regenerate random
username/password every time initialize_connection is called.
Also, it enables CHAP auth in unit tests of TargetAdmin helpers.
Brianna Poulos [Thu, 6 Nov 2014 21:07:16 +0000 (13:07 -0800)]
Fix wrapper to work with barbicanclient 3.0.1
Due to the updates to the python-barbicanclient in version 3.0.1, the cinder
barbican wrapper no longer functions. This patch updates the cinder barbican
wrapper and test cases to work with barbicanclient 3.0.1.
Jay S. Bryant [Mon, 17 Nov 2014 19:11:03 +0000 (13:11 -0600)]
Update cinder.conf.sample to fix max db conn retries
Another external library change (oslo.db) has broken the gate
because cinder.conf.sample appears to be out of date. The change
was just to a message string:
Maximum number of database connection retries during
startup. Set to -1 to specify an infinite retry count. (integer value)
->
Maximum db connection retries during startup. Set to -1 to
specify an infinite retry count. (integer value)
This patch updates cinder.conf.sample to get beyond this failure. The
Cinder team will be talking about how to avoid these issues in the future.
Matthew Edmonds [Tue, 11 Nov 2014 21:03:23 +0000 (16:03 -0500)]
Fix Brocade FC SAN lookup MITM vulnerability
Modify the Brocade FC SAN lookup service implementation to use the
same SSH key config properties used elsewhere rather than relying on
arguments which are non-standard and never passed by the base lookup
service.
John Griffith [Tue, 4 Nov 2014 22:34:28 +0000 (23:34 +0100)]
Remove test_barbican from keymgr tests
Unfortunately it seems we have some very poorly
written keymgr unit tests, specifically
keymgr/test_barbican.py does this:
from barbicanclient.common import auth
First problem is that from a unit test perspective
that pretty much sucks, second problem is that
barbicanclient as of version 3.0.0.0 no longer
has an "auth" module, as a result Cinderunit tests
now fail.
The test_barbican.py unit tests need to be rewritten
to mock out the client components and actually test
Cinder components where needed without relying on
the barbicanclient.
For now in order to free up the gate, remove test_barbican.py
abhishekkekane [Tue, 21 Oct 2014 09:31:15 +0000 (02:31 -0700)]
Eventlet green threads not released back to pool
Presently, the wsgi server allows persist connections hence even after
the response is sent to the client, it doesn't close the client socket
connection.
Because of this problem, the green thread is not released back to the pool.
In order to close the client socket connection explicitly after the
response is sent and read successfully by the client, you simply have to
set keepalive to False when you create a wsgi server.
DocImpact:
Added wsgi_keep_alive option (default=True).
In order to maintain the backward compatibility, setting wsgi_keep_alive
as True by default. Recommended is set it to False.
Xing Yang [Thu, 9 Oct 2014 05:26:28 +0000 (01:26 -0400)]
Use look up service for auto zoning
The VMAX FC driver didn't use the look up service for auto zoning.
Instead it built initiator target map itself. However, that
requires the initiator to log into the fabric before zoning
in order to find out target WWNs.
This patch is to use the look up service to find out valid initiator
target WWNS and use that to build initiator target map. With this fix,
the initiator is no longer required to log into the fabric ahead of time.
During create_backup failure handling, backup_update fails with
DataError ("Data too long for column") if the fail_reason is
greater than 255 characters. As a result, backup status is stuck
in 'creating' state. This patch avoids the problem by truncating
fail_reason to 255 characters before update.
The WSDL URL of storage policy service is determined and a session is
created using it in do_setup(). This session is later used to initialize
the datastore selector property (ds_sel), which uses the session for all
storage policy related API calls.
After commit a8fa3ceb1e72bac2ab67f569a2ca009f995f59fd (Integrate
OSprofiler and Cinder), the properties defined in vmdk module are called
before do_setup(). As a result, the ds_sel (datastore selector) property
is initialized with a session instance containing a 'None' PBM (storage
policy service) WSDL URL. This results in failures of all storage policy
related APIs invoked using datastore selector. This patch fixes the
problem by re-initializing the property in do_setup().
Navneet Singh [Fri, 23 May 2014 04:57:33 +0000 (10:27 +0530)]
NetApp fix for default host type in eseries
This fixes the issue where the default host type
provided in mapping should be high performing LnxALUA
type for eseries. It also makes it configurable in case
users want to configure a different host type.
Tomoki Sekiyama [Tue, 14 Oct 2014 23:09:44 +0000 (19:09 -0400)]
Fix LVM iSCSI driver tgtadm CHAP authentication
Currently CHAP Authentication in LVM iSCSI driver with tgtadm does not work.
This is because the tgtadm helper creates the target configuration file
with an 'IncomingUser' entry, which is ignored by tgtd.
This patch fixes it to 'incominguser'.
Mitsuhiro Tanino [Tue, 14 Oct 2014 16:41:41 +0000 (12:41 -0400)]
Export cinder volumes only if the status is 'in-use'
Currently, cinder volumes are exported both 'in-use' and 'available'
after restarting cinder-volume service.
This behavior was introduced following commit.
If the volumes are attached to nova instances, they should be exported
via tgtd after restarting cinder-volume.
But the volumes which are not attached to instances must not be exported
because everyone can connect these volumes.
This patch changes volume export behavior that exports a volume only if
the volume status is 'in-use'.
John Griffith [Tue, 7 Oct 2014 17:49:58 +0000 (11:49 -0600)]
Make sure device support Direct before setting
We added '-t none' option to the qemu-img convert operation
in image_utils.py a while back to accomodate a couple of
backend devices that didn't flush writes on disconnect.
(Change: I7a04f683add8c23b9125fe837c4048ccc3ac224d)
The only problem here is that some backend devices don't
support Direct mode and raise an exception and fail when
setting this option.
This patch adds a simple check using dd to see if the dest
supports the Direct flag and only sets '-t none' if the device
does in fact support it.
Additionally it was brought up that even yet other backends
are using file devices not blk devices. In their case setting
Direct will still work, however it's sub-optimal as qemu-convert
has internal mechanisms to make sure flushing etc are done
correctly and efficiently for those devices. So to accomodate
that particular use case I'm also adding a check if blk dev
that can be used for determining whether to set Direct for the
qemu-convert process.
Juan Zuluaga [Wed, 24 Sep 2014 22:51:07 +0000 (18:51 -0400)]
ZFSSA iSCSI vol create fails with vol type option
Vol create with volume-type option is not working since
volume_backend_name contains the class name as
predefined string. No matter what was specified in cinder.conf
as volume_backend_name, volume creation failed.
Multi-backend option and using extra specs to create custom volumes
won't work.
The fix is to look whether volume_backend_name is part of the
configuration or falls into the class name in case there is
no backend name.
Sean McGinnis [Fri, 26 Sep 2014 20:21:35 +0000 (15:21 -0500)]
Handle eqlx SSH connection close on abort.
EqualLogic array CLI operation timeout causes the
SSH thread to be aborted. This would cause SSH
sessions to be orphaned and hit a max connection
limit on the array. This fix catches these aborts
and makes sure the connection is closed.
Patrick East [Tue, 30 Sep 2014 18:47:42 +0000 (11:47 -0700)]
Fix race condition in ISCSIConnector _disconnect_volume_multipath_iscsi
This is a similar issue as seen in
https://bugs.launchpad.net/cinder/+bug/1375382
The list of devices returned by driver.get_all_block_devices() in
_disconnect_volume_multipath_iscsi will potentially contain broken
symlinks as the SCSI devices have been deleted from calling
self._linuxscsi.remove_multipath_device(device_realpath) right before
_disconnect_volume_multipath_iscsi but the udev rule for the symlink
may not yet have completed.
Adding in a check to os.path.exists() will ensure that we will not
consider the broken symlinks as an “in use” device.
Clinton Knight [Fri, 26 Sep 2014 16:07:44 +0000 (12:07 -0400)]
Deprecate / obsolete NetApp volume extra specs
The NetApp Data ONTAP (Cluster-mode) NFS & iSCSI drivers for Juno support
the Cinder pools feature, but the drivers are reporting two qualified
extra specs that must be converted to unqualified extra specs in order to
be used by the Cinder scheduler's capability filter. Furthermore, there
are four extra specs that must be deprecated due to having the pools
feature. Warnings will be logged during volume creation if any of the
obsolete or deprecated extra specs are seen in the volume type.
Vincent Hou [Fri, 12 Sep 2014 08:10:02 +0000 (16:10 +0800)]
IBM Storwize driver: Retype the volume with correct empty QoS
* Currently for Storwzie driver, if the new type does not have QoS
configurations, the old QoS configurations remain in the volume after
retyping it. It should be retyped into a volume with empty QoS for the
Storwize driver.
* Refactor three dicts into one for better maintainance of the QoS keys
for Storwize driver.
Windows SMBFS: Handle volume_name in _qemu_img_info
The volume_name is now parsed to the _qemu_img_info wrapper. As
this method is not prone to security issues because this driver
does not support raw images (at least not yet), we don't have to
perform any checks on the backing image file path.
Thus, this method simply ignores this argument that will be parsed
by the base class methods.
Patrick East [Mon, 29 Sep 2014 17:54:22 +0000 (10:54 -0700)]
Fix race condition in ISCSIConnector disconnect_volume
The list of devices returned by driver.get_all_block_devices() will
sometimes contain broken symlinks as the SCSI device has been deleted
but the udev rule for the symlink has not yet completed.
Adding in a check to os.path.exists() will ensure that we will not
consider the broken symlinks as an “in use” device.
VMware:Unquote folder name for folder exists check
vCenter server escapes special characters in the folder name using URL
encoding and returns back the encoded string while querying. This causes
the check for folder existence to return false. Therefore, folder
creation is reattempted which eventually fails. This patch fixes the
problem by decoding the folder name returned by vCenter before
comparison.
ArkadyKanevsky [Wed, 27 Aug 2014 21:47:37 +0000 (16:47 -0500)]
Fixing format for log messages
code_cleanup_batching for EQL driver
Follow log essage format for i18n - http://docs.openstack.org/developer/oslo.i18n/guidelines.html#adding-variables-to-log-messages
Jay S. Bryant [Thu, 25 Sep 2014 20:58:41 +0000 (15:58 -0500)]
Update /etc/cinder/cinder.conf.sample for memcache
It appears that an update to keystone middleware earlier today
added options for memcache_secret_key, memcache_pool_dead_retry,
memcache_pool_maxsize, memcache_pool_socket_timeout,
memcache_pool_unused_timeout, memcache_pool_conn_get_timeout and
memcache_use_advanced_pool. The commit that added these options
was: a7beb50b38be5c3dd4c44d68ad79d1bb206dab6b - "Add an optional
advanced pool of memcached clients".
This has once again caused the check_uptodate.sh script to fail.
During attach to a nova instance, the backing VM corresponding to the
volume is relocated only if the nova instance's ESX host cannot access
the backing's current datastore. The storage profile is ignored and
the volume's virtual disk might end up in a non-compliant datastore.
This patch fixes the problem by checking storage profile compliance of
the current datastore.
Rick Chen [Wed, 24 Sep 2014 09:08:52 +0000 (17:08 +0800)]
Failed to re-detach volume when volume detached.
When first request command detach the volume, but the back-end
storage state is in-processing or busy. Next retry command will
got the error code that describe the volume already detached.
Jay S. Bryant [Fri, 19 Sep 2014 17:46:21 +0000 (12:46 -0500)]
Fix unnecessary WSGI worker warning at API startup
There was a bug in WSGIService in the way that it was
checking the osapi_volume_workers option. It was using
getattr() to see if the option was set, if not it was supposed
to set the value to processutils.get_worker_count(). This,
however, never happened because getattr interpreted the default
'None' value to be a value. So, on any system with no value set
the self.workers < 1 check would be hit and a warning would be
output.
Nova had changed their approach to this option to avoid this
problem. This patch pulls Nova's approach into Cinder for
consistency. Cinder will now use processutils.get_worker_count()
if no option is set in /etc/cinder/cinder.conf and when the user sets
osapi_volume_workers to 0. A negative value will cause an
InvalidInput exception to be thrown.
Code Review / openstack-build / cinder-build.git / log