Comment 3 for bug 1703954
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Related fix merged to os-brick (master) | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
f33e652
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit f341e9c3ed86d15
Author: Gorka Eguileor <email address hidden>
Date: Wed Jul 12 19:55:20 2017 +0200
Return symlinks for encrypted volumes
When connecting encrypted volumes we need to return a symbolink link or
we will break all future attachments after detaching the volume.
OS-Brick on 1.14 and 1.15 returns real paths instead of returning symbolic
links, which results in the encryption attach_volume call replacing the
real device with a link to the crypt dm.
The issue comes from the Nova flow when attaching an encrypted volume:
1- Attach volume
2- Generate libvirt configuration with path from step 1
3- Encrypt attach volume
Since step 2 has already generated the config with the path from step 1 then
step 3 must preserve this path.
When step 1 returns a symbolic link we just forcefully replace it with a link
to the crypt dm and everything is OK, but when we return a real path it
does the same thing, which means we'll be replacing for example /dev/sda
with a symlink, which will then break the detach process, and all future
attachments.
Until Nova, Cinder, and OS-Brick are changed to have a different flow
(1, 3, 2) we need a workaround to make it work.
The workaround this patch introduces is to return a symbolic link when
the volume is encrypted.
It will try to return the symlink that always exists, but if it's not
there it will just look for ANY link to the device in '/dev/disk/by-id'.
Related-Bug: #1703954
Change-Id: If4461c3dcd67e5