os-brick

Bug #1967790
Comment #4

Comment 4 for bug 1967790

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-16: Fix merged to os-brick (stable/yoga)

Reviewed: https://review.opendev.org/c/openstack/os-brick/+/845845
Committed: https://opendev.org/openstack/os-brick/commit/0bd5dc99152261d1d59ecb788faf4aea3e299edd
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit 0bd5dc99152261d1d59ecb788faf4aea3e299edd
Author: Gorka Eguileor <email address hidden>
Date: Mon Apr 4 20:01:39 2022 +0200

Fix encryption symlink issues

This patch fixes 2 issues related to the symlinks, or lack of, that
connectors' connect_volume methods return.

    Some connectors always return the block device instead of a symlink for
    encrypted volumes, and other connectors return a symlink that is owned
    by the system's udev rules. Both cases are problematic

    Returning the real device can prevent the encryptor connect_volume to
    complete successfully, and in other cases (such as nvmeof) it completes,
    but on the connector's disconnect volume it will leave the device behind
    (i.e., /dev/nvme0n1) preventing new connections that would use that same
    device name.

    Returning a symlink owned by the system's udev rules means that they can
    be reclaimed by those rules at any time. This can happen with
    cryptsetup, because when it creates a new mapping it triggers udev rules
    for the device that can reclaim the symlink after os-brick has replaced
    it.

    This patch creates a couple of decorators to facilitate this for all
    connectors. These decorators transform the paths so that the callers
    gets the expected symlink, but the connector doesn't need to worry about
    it and will always see the value it returns regardless of what symlink
    the caller gets.

From this moment onwards we use our own custom symlink that starts with
"/dev/disk/by-id/os-brick".

    The patch fixes bugs in other connectors (such as the RBD local
    connection), but since there are no open bugs they have not been
    reported.

    Closes-Bug: #1964379
    Closes-Bug: #1967790
    Change-Id: Ie373ab050dcc0a35c749d9a53b6cf5ca060bcb58
    (cherry picked from commit 1583a5038d34fd560b554e0eee5c1c5a7612722f)

Reviewed:  https://review.opendev.org/c/openstack/os-brick/+/845845
Committed: https://opendev.org/openstack/os-brick/commit/0bd5dc99152261d1d59ecb788faf4aea3e299edd
Submitter: "Zuul (22348)"
Branch:    stable/yoga

commit 0bd5dc99152261d1d59ecb788faf4aea3e299edd
Author: Gorka Eguileor <geguileo@redhat.com>
Date:   Mon Apr 4 20:01:39 2022 +0200

Fix encryption symlink issues
    
    This patch fixes 2 issues related to the symlinks, or lack of, that
    connectors' connect_volume methods return.
    
    Some connectors always return the block device instead of a symlink for
    encrypted volumes, and other connectors return a symlink that is owned
    by the system's udev rules.  Both cases are problematic
    
    Returning the real device can prevent the encryptor connect_volume to
    complete successfully, and in other cases (such as nvmeof) it completes,
    but on the connector's disconnect volume it will leave the device behind
    (i.e., /dev/nvme0n1) preventing new connections that would use that same
    device name.
    
    Returning a symlink owned by the system's udev rules means that they can
    be reclaimed by those rules at any time.  This can happen with
    cryptsetup, because when it creates a new mapping it triggers udev rules
    for the device that can reclaim the symlink after os-brick has replaced
    it.
    
    This patch creates a couple of decorators to facilitate this for all
    connectors. These decorators transform the paths so that the callers
    gets the expected symlink, but the connector doesn't need to worry about
    it and will always see the value it returns regardless of what symlink
    the caller gets.
    
    From this moment onwards we use our own custom symlink that starts with
    "/dev/disk/by-id/os-brick".
    
    The patch fixes bugs in other connectors (such as the RBD local
    connection), but since there are no open bugs they have not been
    reported.
    
    Closes-Bug: #1964379
    Closes-Bug: #1967790
    Change-Id: Ie373ab050dcc0a35c749d9a53b6cf5ca060bcb58
    (cherry picked from commit 1583a5038d34fd560b554e0eee5c1c5a7612722f)