Comment 14 for bug 1548450

Lee Yarwood (lyarwood) wrote : Re: Host data leak during resize/migrate for raw-backed instances

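I've reproduced the case where a qcow2 header is written to the raw ephemeral disk from within the guest while the instance is on the source host, before the instance and any associated storage are then block live migrated. In this case disk.info is regenerated on the destination, and the ephemeral disk is now recorded there as qcow2 instead of raw. After a hard reboot the instance then uses the ephemeral disk as if it were a qcow2 file, so the backing file named in the guest-written header (/dev/sda3, resolved on the destination host) is opened by QEMU and, as the final lsblk and ll output show, its contents become readable from inside the guest. Again, my notes on this are below: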

root@source # cat /var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.info
{"/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk": "raw", "/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.eph0": "raw"}

root@guest # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 252:0 0 5G 0 disk
└─vda1 252:1 0 5G 0 part /
vdb 252:16 0 1G 0 disk /mnt

root@guest # umount /mnt

root@guest # qemu-img create -f qcow2 -o backing_file=/dev/sda3,backing_fmt=raw /dev/vdb 20G
Formatting '/dev/vdb', fmt=qcow2 size=21474836480 backing_file='/dev/sda3' backing_fmt='raw' encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
[root@test-live-migrate ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 252:0 0 5G 0 disk
└─vda1 252:1 0 5G 0 part /
vdb 252:16 0 1G 0 disk

root@guest # qemu-img info /dev/vdb
image: /dev/vdb
file format: qcow2
virtual size: 20G (21474836480 bytes)
disk size: 0
cluster_size: 65536
backing file: /dev/sda3
backing file format: raw
Format specific information:
    compat: 1.1
    lazy refcounts: false
    refcount bits: 16
    corrupt: false

# nova live-migration --block-migrate test-live-migrate

root@destination # ps aux | grep qemu
qemu 17656 10.6 3.3 1236024 262832 ? Sl 09:20 0:09 /usr/libexec/qemu-kvm -name instance-00000009 [..] -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.eph0,if=none,id=drive-virtio-disk1,format=raw,cache=none [..]

root@destination # cat /var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.info
{"/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk": "raw", "/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.eph0": "qcow2"}

# nova reboot --hard test-live-migrate

root@destination # ps aux | grep qemu
qemu 18684 101 4.1 1209396 326928 ? Sl 09:23 0:11 /usr/libexec/qemu-kvm -name instance-00000009 [..] -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/var/lib/nova/instances/d7166c75-7561-4788-9bc0-481eee78082f/disk.eph0,if=none,id=drive-virtio-disk1,format=qcow2,cache=none [..]

root@guest # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 252:0 0 5G 0 disk
└─vda1 252:1 0 5G 0 part /
vdb 252:16 0 20G 0 disk /mnt

root@guest # ll /mnt/etc/redhat-release
-rw-r--r--. 1 root root 52 Oct 23 13:25 /mnt/etc/redhat-release