Jacob Gregor [Thu, 13 Aug 2015 20:31:16 +0000 (15:31 -0500)]
Reduced file size to prevent timeout
We currently have a test system that appears to be I/O constrained
and is hitting timeouts. Rather than mocking out the file copy, we
decided to reduce the file size in order to avoid timeouts. This way
we are not changing the way these test cases work, but we are reducing
the time required to run each test case. This patch will help improve
check and gate performance as well.
Joseph Vokt [Fri, 10 Jul 2015 20:10:40 +0000 (13:10 -0700)]
3PAR: Adding performance metrics to volume status
If one storage backend has high load while another has lower load,
when a user/admin creates a volume, the current evaluator/scheduler
may place the volume on the backend with higher load. In many cases,
the evaluator/scheduler should place that volume on the backend
with the lowest load for load balancing purposes. In general, for load
balancing virtual volume placement, an evaluator/scheduler needs
access to performance metrics (e.g. IOPS throughput, bandwidth,
latency, IO size) to measure load, but Cinder drivers don't generally
report those metrics.
Although these performance metrics are available from the 3PAR CLI,
they are currently inaccesible in the evaluator/scheduler. The
proposed changes add these metrics to the volume status report and
thus make them accesible by the evaluator/scheduler.
In cinder/volume/drivers/san/hp/hp_3par_common.py, uses the 3PAR
client method HP3parClient.getCPGStatData to get performance metrics,
and adds new fields in the output of HP3PARCommon.get_volume_stats
corresponding to the performance metrics: IOPS throughput, bandwidth,
latency, io_size, queue_length, and avg_busy_perc. These metrics are
taken by averaging samples taken once per day for the last week.
In cinder/tests/unit/test_hp3par.py, adds unit tests in
TestHP3PARFCDriver.test_get_volume_stats and in
TestHP3PARISCSIDriver.test_get_volume_stats.
Kuo-tung Kao [Tue, 28 Jul 2015 09:44:57 +0000 (17:44 +0800)]
Don't use context.elevated to get volume
Original Problem:
=================
Since the metadata(readonly and attached_mode) is stored in admin metadata,
normal user need `run context.elevated` to retrieves admin metadata.
The above way will bring a side effect. Normal user can also get
any volume which the user shouldn't access when the user knows the UUID.
Solution:
=========
Use context instead of context.elevated to get volume.
And add admin metadata to it.
Based on cinder-meetup-summer-2015 conclusion, we use the solution.
The solution will need extra database connection.
Kendall Nelson [Mon, 20 Jul 2015 20:06:21 +0000 (15:06 -0500)]
Enable cinder-manage to remove services
These changes are to enable cinder-manage to remove old services
from the database like nova does. All that is being added is the remove
method to manage.py and tests to cover this new method in test_cmd.py.
The command will remove the binary from the list of running services
in the db that can be viewed via "cinder-manage service list". NOTE:
Active and restarted services will re-populate the DB with their current
status automatically.
To use this new command, the user types "cinder-manage service remove
<binary> <host>" and the service will be removed.
Gorka Eguileor [Wed, 12 Aug 2015 17:09:53 +0000 (19:09 +0200)]
On Volume list only retrieve needed data from DB
Currently when there is no limit set on a volume list query we retrieve
all volumes and then limit them locally using osapi_max_limit. Similar
thing happens when we are using the marker for next pages, we get all
volumes from that marker until the last volume and then limit it
locally.
We should be limiting it on the DB side so we only retrieve the data we
are actually going to return to the API caller.
This patch always limits the data retrieved from the DB and for the
offset to keep working as it was before we need to do the offset on the
DB side as well.
For reference some tests were performed:
On a deployment with 60,000 volumes, 370,000 volume_metadata items and
240,000 volume_glance_metadata items in cinder db. Before the patch
this will use nearly 10G memory. With the patch we will just use about
500M.
This patch changes the way we handle volume detach
attempts when the attachment_id is already detached
and/or when the volume has no attachments. We now
handle this the same way we do with deleting volumes
that don't exist. We return success.
This patch also takes care to make sure we safely reset
the volume status to what it should be depending on if
there are other attachments. If the attachment_id is
passed in and that attachment is detached, but there are
other attachments, we want to make sure that the volume is
left in an in-use state, not available.
Eric Harney [Tue, 28 Jul 2015 14:19:07 +0000 (10:19 -0400)]
Remove RetypeVD class, fix NFS driver retype
retype() only exists in the deprecated VolumeDriver() class
and not BaseVD. This means that drivers inheriting from *VD
hit attribute errors when trying to call driver.retype().
The thinking here is that RetypeVD isn't really necessary,
since all drivers must implement some version of the retype
method (even if it's a no-op with just a standard return code).
Therefore, just rely on this being in the base driver class(es)
rather than making it a separate abc class.
Michal Dulko [Thu, 13 Aug 2015 12:45:15 +0000 (14:45 +0200)]
Add objects.register_all() to cinder-all command
In cmd/all.py registration of objects was missing. This caused running
cinder-all command to raise exceptions about unknown objects. Following
commit fixes this problem.
Sasikanth [Thu, 25 Jun 2015 10:32:29 +0000 (16:02 +0530)]
GPFS volume encryption-at-rest support
This patch extends the capability of gpfs driver to support volume encryption
at rest using GPFS Native Encryption feature (https://ibm.biz/BdXPBm).
This includes:
1. Verification of configured gpfs backend to support encryption at rest.
2. Driver exposes gpfs_encryption_rest capability via volume type convention.
Usage - Cloud admin creates a volume type "encrypted" with extra-specs
gpfs_encryption_rest=True
Every volume created using type "encrypted", the volumes will be encrypted
at rest.
DocImpact
Needs an update in gpfs driver documentation, as this patch introduces
encrypted backend support.
The symlinks in /dev/disk/by-id/ (in a Linux guest OS running in VMware
ESX based Nova instance) use UUID of virtual disk as the SCSI device ID
when disk.EnableUUID is set to True in the virtual machine configuration
file. This patch sets the UUID of virtual disk corresponding to a Cinder
volume (at the time of volume creation) to volume ID so that end-users
(of Nova instance) can identify the device corresponding to an attached
volume in the guest using /dev/disk/by-id symlink.
For example, given a Cinder volume with ID = xyz, user can identify the
device corresponding to the volume in instance's guest using the symlink
/dev/disk/by-id/scsi-xyz provided disk.EnableUUID is set to True in the
instance's virtual machine configuration file (in ESX).
Note: If the UUID of the virtual disk corresponding to a volume is unset
at the time of volume creation, a random UUID will be used.
There are test cases that require oslo.vmware and the change made in the
commit for tox doesn't cover the case where run_tests.sh is used. Without
including oslo.vmware in the test-requirements file there are a number of
test cases that fail without the library installed.
This patch resolves the issue by move oslo.vmware over to the
test-requirements file.
Eric Harney [Mon, 16 Jun 2014 19:43:51 +0000 (15:43 -0400)]
LVM Thin Provisioning auto-detect
Add the ability to set lvm_type=auto, which will
enable thin provisioning if the system supports it,
and the configured volume group either:
a) has a pool LV with the expected name or
b) has no LVs
This, along with thin-provisioning accounting, will
give a path to move toward thin LVM as the default.
HP data protector's backup of vCenter inventory is failing
for 'in-use' Cinder volumes because the vmdk is attached
to two VMs (Nova instance and the backing VM corresponding
to Cinder volume). The solution is to skip the backing VM
during data protector's backup.
This patch adds key 'cinder.volume.id' with value set to
volume UUID in volume's vCenter config file so that other
vCenter solutions can uniquely identify Cinder volumes.
Skyler Berg [Tue, 4 Aug 2015 21:44:58 +0000 (14:44 -0700)]
Fix argument order for assertEqual in tests
Some tests incorrectly use the order assertEqual(observed, expected)
instead of the correct order, assertEqual(expected, observed). This
patch corrects this issue.
James Carey [Thu, 6 Aug 2015 05:13:15 +0000 (05:13 +0000)]
Fix order of parms in assertEqual for scheduler ut
When assertEqual is used it should be assertEqual(expected, observed).
Constant values are always the expected. This patch makes them the
first parameter and fixes some other non-constant cases.
Tina [Fri, 7 Aug 2015 04:33:03 +0000 (00:33 -0400)]
VNX driver needs extra params for create cg from src
The cinder manager is passing 2 additional parameters (source_cg and
source_vols) to create_consistencygroup_from_src of driver. VNX
driver needs to add these 2 parameters.
lisali [Fri, 7 Aug 2015 06:35:27 +0000 (14:35 +0800)]
Prevent creating encrypted volume with image
When creating an encrypted volume with a unencrypted image,
cinder just copies the unencrypted data to the volume,
which keeps unencrypted data in the volume.
But when booting/attaching the volume to Nova, it thinks
encrypted data on the volume. As a result, Nova reads
the data incorrectly.
The fix is to prevent such action. Later, we can
implement to write encrypted data in encrypted volumes
when creating from unencrypted image.
Matthew Edmonds [Fri, 17 Jul 2015 20:42:35 +0000 (16:42 -0400)]
mark oslo.vmware as optional dependency
Driver-specific requirements are not hard requirements, since the
choice of drivers is up to the operator. The oslo.vmware module is
herein moved out of requirements.txt and instead listed as an optional
dependency using the extras functionality in setup.cfg.
A check is added to the vmdk driver to gracefully handle import errors
if the vmdk driver is used and oslo.vmware is not found.
PranaliDeore [Wed, 17 Jun 2015 11:49:24 +0000 (04:49 -0700)]
Validate string, integer limit for input parameter
1. Below apis will return 500 error code on passing name or description
parameters with more than 255 characters:
a. consisgroup-create
b. consisgroup-update
c. cgsnapshot-create
d. quota-class-update
e. quota-update
f. qos-create
g. volume-manage
h. volume-transfer
2. Below apis will return 500 error code on passing 'hard_limit' value
greater than mysql INT type:
a. quota-class-update
b. quota-update
c. encryption-type-create
3. Below apis accept name as string with whitespaces:
a. consisgroup-create
b. cgsnapshot-create
c. qos-create
d. volume-transfer
4. Type-key api will return 500 error code on passing key or value with
more than 255 characters.
Added new method
1. validate_name_and_description() in
cinder.api.openstack.wsgi.Controller to validate length of name and
description and returned 400 if it exceeds the limit and removing
leading or trailing whitespaces and string containing only
whitespaces.
2. validate_string_length() in cinder.api.openstack.wsgi.Controller to
validate length of string and returned 400 if it exceeds the limit.
3. validate_integer() method in cinder.utils to validate integer
limit and returned 400 if limit exceeds.
APIImpact
1. For all above apis 400 response will be returned.
2. Earlier it was possible to pass only whitespaces or leading-trailing
spaces to 'name' parameters and 'key' while updating key-value in
type-key api.
Now it will raise 400 error if only whitespaces are passed and will
remove leading-trailing spaces if present in other cases.
PranaliDeore [Mon, 11 May 2015 11:00:01 +0000 (04:00 -0700)]
Validate name and description string
If you pass name or description parameters with more than 255
characters to create and update apis of volume and snapshot
and create api of backup, then it returns 500 error code.
Added new method validate_name_and_description() in
cinder.api.openstack.wsgi.Controllera to validate string limit and
returned 400 if limit exceeds and also removing leading or trailing
whitespaces and string containing only whitespaces.
APIImpact
1. For all above APIs 400 response will be returned.
2. Earlier it was possible to pass only whitespaces or leading-trailing
spaces to 'name' parameter.
Now it will raise 400 error if only whitespaces are passed and will
remove leading-trailing spaces if present in other cases.
Xing Yang [Mon, 10 Aug 2015 02:41:21 +0000 (22:41 -0400)]
Handle missing temp volume and snapshot during cleanup
When backup service is started, we try to clean up temp volumes
and snapshots in previously failed backups. If the temp volume
or snapshot is already deleted, we will get VolumeNotFound or
SnapshotNotFound exceptions. These exceptions should be handled.
Also temp_volume_id and temp_snapshot_id should be set to None
after they are deleted.
is_public should be checked when creating volume type, otherwise DBError
will be raised in cinder-api, and the user will receive a 500 Internal
server error.
John Griffith [Sun, 9 Aug 2015 16:00:51 +0000 (10:00 -0600)]
Ignore InsecureReq warning in SolidFire Driver
The python requests package logs the use of Insecure as
a warning. Currently the use of http vs https is a
configurable option, and for those that use http, the
log files include a Warning message for every single
request to the SolidFire Cluster.
In our case we're explicitly providing the
option to use http instead of https, so we can safely
ignore this message and remove it from the logs.
Xing Yang [Fri, 7 Aug 2015 18:49:30 +0000 (14:49 -0400)]
Attach snapshot - driver only
This patch is a continuation of adding support for
non-disruptive backup. It provides a more efficient way
to backup an attached volume by creating a temp snapshot.
Since this is used internally for backup, the attach
snapshot interface is added in the driver only. For
drivers not implementing the attach snapshot interface,
backup will still be done using a volume.
Xing Yang [Fri, 7 Aug 2015 22:02:21 +0000 (18:02 -0400)]
Remove bad tests for the VMAX driver
There are a few tests for the VMAX driver that are causing lots of
unit test failures on various patches. I think the reason is several
tests are using the config file with the same name which is created
during setup and deleted at cleanup. When concurrency is > 1, one test
could have deleted the file while another test is trying to read from
it. So the unit tests need to be re-designed to isolate the impact on
each other. This will be worked on. For the short term, I want to
remove the bad tests to reduce the number of unit test failures on
other patches.