OpenStack Shared File Systems Service (Manila)

cephfs_native: deny access evicts clients incorrectly

Bug #1567298 reported by Ramana Raja
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Shared File Systems Service (Manila)
Fix Released
Medium
Ramana Raja

Bug Description

Denying access of a ceph auth ID to a share is supposed to evict
the client based on the auth ID and the share accessed. Currently,
the driver tries to do this by incorrectly [1] using CephFSVolumeClient.evict() (part of of a Ceph library module), which
itself does not yet evict clients based on auth ID and
path accessed [2].

Fix: Wait for the relevant ceph_volume_client library change, and based
     on the change evict clients correctly when denying access.

[1] https://github.com/openstack/manila/commit/cbb316babf1648f46c7e31e6415470df29dd5377#diff-4256e8eb2400d0325fe689bc36010201R230

[2] http://tracker.ceph.com/issues/15045

See original description
Ramana Raja (rraja)
summary: - cephfs_native: deny access evicts clients that it shouldn't
+ cephfs_native: deny access evicts clients incorrectly
Ramana Raja (rraja)
description: updated
Ramana Raja (rraja)
Changed in manila:
assignee: nobody → Ramana Raja (rraja)
Ramana Raja (rraja)
tags: added: drivers
tags: added: driver
removed: drivers
Ramana Raja (rraja)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to manila (master)

Fix proposed to branch: master
Review: https://review.openstack.org/304766

Changed in manila:
status: New → In Progress
OpenStack Infra (hudson-openstack)
Changed in manila:
assignee: Ramana Raja (rraja) → Tom Barron (tpb)
Tom Barron (tpb)
Changed in manila:
assignee: Tom Barron (tpb) → nobody
Tom Barron (tpb)
tags: added: cephfs mitaka-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to manila (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/327951

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to manila (master)

Reviewed: https://review.openstack.org/304766
Committed: https://git.openstack.org/cgit/openstack/manila/commit/?id=05dcc06dde308f979bb1c9236e33448ab4959216
Submitter: Jenkins
Branch: master

commit 05dcc06dde308f979bb1c9236e33448ab4959216
Author: Ramana Raja <email address hidden>
Date: Tue Apr 12 21:47:12 2016 +0530

    cephfs_native: Fix client eviction

    During deny access, the driver evicts client based on its auth ID
    and the share its accessing. It does not make the correct use of
    ceph_volume_client library to do this. So fix the evict method call.

    Closes-Bug: #1567298

    Change-Id: I707d1f2d455106f45c35aa28ca2a30fb0460f9e8

Changed in manila:
status: In Progress → Fix Released
Goutham Pacha Ravi (gouthamr)
Changed in manila:
importance: Undecided → Medium
assignee: nobody → Ramana Raja (rraja)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to manila (stable/mitaka)

Reviewed: https://review.openstack.org/327951
Committed: https://git.openstack.org/cgit/openstack/manila/commit/?id=beebb3833d99180c5bc6d6aea2d559a2d8def674
Submitter: Jenkins
Branch: stable/mitaka

commit beebb3833d99180c5bc6d6aea2d559a2d8def674
Author: Ramana Raja <email address hidden>
Date: Tue Apr 12 21:47:12 2016 +0530

    cephfs_native: Fix client eviction

    During deny access, the driver evicts client based on its auth ID
    and the share its accessing. It does not make the correct use of
    ceph_volume_client library to do this. So fix the evict method call.

    Co-Authored-By: Ramana Raja <email address hidden>
    Closes-Bug: #1567298

    Change-Id: I707d1f2d455106f45c35aa28ca2a30fb0460f9e8
    (cherry picked from commit 05dcc06dde308f979bb1c9236e33448ab4959216)

tags: added: in-stable-mitaka
Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/manila 3.0.0.0b2

This issue was fixed in the openstack/manila 3.0.0.0b2 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.