cinderlib

No privsep support

Bug #1883720 reported by Gorka Eguileor on 2020-06-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	cinderlib	Fix Released	Medium	Gorka Eguileor

Bug Description

Cinderlib does not support Cinder drivers that make use of the privsep library.

Originally privsep had a limitation that would serialize all requests, so slow operations would create a bottleneck, thus cinderlib decided not to use privsep and call the commands directly.

Now that privsep no longer processes requests serially, cinderlib should support it so that Cinder drivers can take advantage of it.

The effort to improve the LVM LIO target (https://review.opendev.org/#/c/312498) is blocked by cinderlib missing this feature.

Tags:

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-06-16: Fix proposed to cinderlib (master)

Fix proposed to branch: master
Review: https://review.opendev.org/735935

Changed in cinderlib:
status:	New → In Progress

Sofia Enriquez (lsofia-enriquez) on 2021-05-19

Changed in cinderlib:
importance:	Undecided → Medium
tags:	added: privsep

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-06-22: Fix merged to cinderlib (master)

Reviewed: https://review.opendev.org/c/openstack/cinderlib/+/735935
Committed: https://opendev.org/openstack/cinderlib/commit/cf638c41f6aa8437aab14babc6406df2ceb0facc
Submitter: "Zuul (22348)"
Branch: master

commit cf638c41f6aa8437aab14babc6406df2ceb0facc
Author: Gorka Eguileor <email address hidden>
Date: Tue Jun 16 16:37:15 2020 +0200

Add privsep support

Cinderlib does not support Cinder drivers that make use of the privsep
library.

    Originally privsep had a limitation that would serialize all requests,
    so slow operations would create a bottleneck, thus cinderlib decided not
    to use privsep and call the commands directly.

Since privsep no longer serializes requests we stop going around privsep
and use it.

    Cinderlib is a library that works when run in a virtual environment, so
    we must maintain backward compatibiliy and still support it, which is
    problematic, because with Cinder's rootwrap+privsep we require
    /etc/cinder/rootwrap.conf and /etc/cinder/rootwrap.d to exist, but under
    a virtual env these are installed in the virtualenv's etc
    directory instead. For example: .tox/py37/etc/cinder/rootwrap.conf

This configuration file is modified to point to the right filters
directory and add the virtual env's bin directory to exec_dirs.

    We also take into account if we have installed cinder as editable in our
    virtual environment, because in that case files are not installed, and
    we will copy them from the source's directory into the virtual
    environment so we can freely modify them.

    Depends-On: https://review.opendev.org/737312
    Closes-Bug: #1883720
    Change-Id: I7963fbfbb0a683e3efcc5949f80b96e5daaa18f1

Changed in cinderlib:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-06-30: Fix included in openstack/cinderlib 4.0.0

This issue was fixed in the openstack/cinderlib 4.0.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.