OpenStack Compute (nova)

libvirt disk.config will have issues when booting two with different config drive values

Bug #1369627 reported by Solly Ross on 2014-09-15

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	Fix Released	Critical	Michael Still	OpenStack Compute (nova) 2014.2 "juno"
	OpenStack Security Advisory	Won't Fix	Undecided	Unassigned

Bug Description

Currently, in the image creating code for Juno we have

if configdrive.required_by(instance):
LOG.info(_LI('Using config drive'), instance=instance)

            image_type = self._get_configdrive_image_type()
            backend = image('disk.config', image_type)
            backend.cache(fetch_func=self._create_configdrive,
                          filename='disk.config' + suffix,
                          instance=instance,
                          admin_pass=admin_pass,
                          files=files,
                          network_info=network_info)

The important thing to notice here is that we have "filename='disk.confg' + suffix". This means that the filename for the config drive in the cache directory will be simply 'disk.config' followed by any potential suffix (e.g. '.rescue'). This name is not unique to the instance whose config drive we are creating. Therefore, when we go to boot another instance with a different config drive, the cache function will detect the old config drive, and decide it doesn't need to create the new config drive with the appropriate config for the new instance.

Tags:

Solly Ross (sross-7) on 2014-09-15

summary:

- libvirt disk.config will have issues when booting two instances at the
- same time
+ libvirt disk.config will have issues when booting two with different
+ config drive values

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-09-15: Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/121604

Changed in nova:
status:	New → In Progress

Solly Ross (sross-7) on 2014-09-18

Changed in nova:
importance:	Undecided → Critical
tags:	added: security
Changed in nova:
milestone:	none → juno-rc1

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-09-22:

Fix proposed to branch: master
Review: https://review.openstack.org/123073

Changed in nova:
assignee:	Solly Ross (sross-7) → Michael Still (mikalstill)

Revision history for this message

Michael Still (mikal) wrote on 2014-09-23:

In the end it looks like we're resolving this one by reverting these changes:

  228d0221763b12f11ecbacde4db38b1151f96e31
  0b01e846d40f3b343da9ebe1dae89cca8bc2ac66
  ecce888c469c62374a3cc43e3cede11d8aa1e799

John Garbutt (johngarbutt) on 2014-09-23

information type:

Public → Public Security

Revision history for this message

Jeremy Stanley (fungi) wrote on 2014-09-23:

This only affects juno right? (Those changes are only in the master branch?) Just confirming we don't need an advisory for any released versions.

Changed in ossa:
status:	New → Incomplete

Revision history for this message

Solly Ross (sross-7) wrote on 2014-09-23:

Yep, it's only people running off of master.

Changed in ossa:
status:	Incomplete → New

Revision history for this message

Jeremy Stanley (fungi) wrote on 2014-09-23:

Thanks Solly. Setting the OSSA task to won't fix in that case, to track that we don't need an advisory.

Changed in ossa:
status:	New → Won't Fix

Revision history for this message

Michael Still (mikal) wrote on 2014-09-25:

These reverts have now merged.

Changed in nova:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2014-10-01

Changed in nova:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-10-16

Changed in nova:
milestone:	juno-rc1 → 2014.2

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-11-20: Change abandoned on nova (master)

Change abandoned by Sean Dague (<email address hidden>) on branch: master
Review: https://review.openstack.org/121604
Reason: This review is > 4 weeks without comment and currently blocked by a core reviewer with a -2. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and contacting the reviewer with the -2 on this review to ensure you address their concerns.

Thierry Carrez (ttx) on 2014-11-21

information type:

Public Security → Public

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-25: Related fix proposed to nova (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/159087

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-25: Change abandoned on nova (master)

#10

Change abandoned by Mehdi Abaakouk (<email address hidden>) on branch: master
Review: https://review.openstack.org/159087
Reason: Merged in previous review

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-05-13:

#11

Change abandoned by Joe Gordon (<email address hidden>) on branch: master
Review: https://review.openstack.org/123073
Reason: This review is > 4 weeks without comment, and failed Jenkins the last time it was checked. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and leaving a 'recheck' comment to get fresh test results.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-10: Related fix merged to nova (master)

#12

Reviewed: https://review.openstack.org/123073
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=adecf780d3ed4315e4ce305cb1821d493650494b
Submitter: Jenkins
Branch: master

commit adecf780d3ed4315e4ce305cb1821d493650494b
Author: Michael Still <email address hidden>
Date: Tue Nov 25 15:42:47 2014 +0300

Handle config drives being stored on rbd

    rbd is the only example of a currently supported image storage
    backend where it makes sense to put the config drive in the
    configured storage backend instead of local hypervisor disk. I
    don't think this makes sense for LVM, where we would be creating
    a LV for a tens of megabytes file, which seems like overkill to
    me. The other storage backends use local disk for their data
    already.

    This use case was covered by the now reverted changes:
      228d0221763b12f11ecbacde4db38b1151f96e31
      0b01e846d40f3b343da9ebe1dae89cca8bc2ac66
      ecce888c469c62374a3cc43e3cede11d8aa1e799

Support this special case by moving the image to rbd once it has
been created in the local instance directory on the hypervisor.

I've tested this change in devstack and it works.

    Related-bug: #1369627
    Related-bug: #1361840
    Related-bug: #1246201

Co-Authored-By: Mehdi Abaakouk <email address hidden>
Co-Authored-By: Dan Smith <email address hidden>

Change-Id: Ia3ca5a18c79d62b71b9c042a612d12dd074b245e

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-08-19: Related fix proposed to nova (stable/kilo)

#13

Related fix proposed to branch: stable/kilo
Review: https://review.openstack.org/214773

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-07: Change abandoned on nova (stable/kilo)

#14

Change abandoned by Rosario Di Somma (<email address hidden>) on branch: stable/kilo
Review: https://review.openstack.org/214773

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.