OpenStack Compute (nova)

No way to secure volumes based on initiator name

Bug #924461 reported by Vish Ishaya on 2012-01-31

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	Fix Released	Medium	Vish Ishaya	OpenStack Compute (nova) 2012.1 "essex"

Bug Description

Some hardware volume drivers secure volumes based on the name of the initiator. When the connection is prepared, an ip address is sent in, but the volume driver has no way of knowing what initiator the iscsi connection will come from. There needs to be some way for the driver to get the right initiator for the instance.

This could be done with a callback, but it is easiest to add the parameter to initialize_connection.

Vish Ishaya (vishvananda) on 2012-01-31

Changed in nova:
importance:	Undecided → Medium
assignee:	nobody → Vish Ishaya (vishvananda)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-01-31: Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/3586

Brian Waldon (bcwaldon) on 2012-02-04

Changed in nova:
milestone:	none → essex-4

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-02-06: Fix merged to nova (master)

Reviewed: https://review.openstack.org/3586
Committed: http://github.com/openstack/nova/commit/94d8553201e50e3e9e25992bfe4735addae4ffda
Submitter: Jenkins
Branch: master

commit 94d8553201e50e3e9e25992bfe4735addae4ffda
Author: Vishvananda Ishaya <email address hidden>
Date: Sat Jan 28 01:17:00 2012 -0800

Add initiator to initialize_connection

    Some volumes need to know the name of the initiator that will be
    connecting to the iscsi volume. This adds a call down to the hypervisor
    driver to get the ip and the initiator name for the vm before calling
    initialize connection. This connection is passed down to the volume
    driver so that it can be used to authenticate when the hypervisor
    tries to connect to the volume.

     * Adds initiator initialize_connection
     * Makes a call to driver to get initiator name and ip address
     * Gets initiator from openiscsi for libvirt
     * Gets initiator from config for xenapi
     * Add tests for the driver calls
     * Fixes bug 924461

Change-Id: I5b6a2dd84560c7f7b447571e0abf0993e5512ca0

Changed in nova:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2012-02-29

Changed in nova:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2012-04-05

Changed in nova:
milestone:	essex-4 → 2012.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.