From c06e552fd5a16f3682bac4455f2f75c952cf4eba Mon Sep 17 00:00:00 2001
From: Matt Smith <mss@datera.io>
Date: Tue, 7 Jun 2016 11:19:49 -0700
Subject: [PATCH] Adds ACL, IP Pool, Multipath to Datera Driver
Reorganized the code a bit, added support for ACLs, IP Pools
and Multipath to the Datera Elastic DataFabric Storage driver
DocImpact
Implements: blueprint datera-cinder-driver-update-2.1
Change-Id: I1a3d61aaed18ac550825f4f368c16079e252437b
---
.../tests/unit/volume/drivers/test_datera.py | 100 +++-
cinder/volume/drivers/datera.py | 428 +++++++++++++-----
...er-driver-update-2.1-5c6455b45563adc5.yaml | 7 +
requirements.txt | 1 +
4 files changed, 404 insertions(+), 132 deletions(-)
create mode 100644 releasenotes/notes/bp-datera-cinder-driver-update-2.1-5c6455b45563adc5.yaml
diff --git a/cinder/tests/unit/volume/drivers/test_datera.py b/cinder/tests/unit/volume/drivers/test_datera.py
index dacf8d85333..0707f035dfd 100644
--- a/cinder/tests/unit/volume/drivers/test_datera.py
+++ b/cinder/tests/unit/volume/drivers/test_datera.py
@@ -39,6 +39,10 @@ class DateraVolumeTestCase(test.TestCase):
self.cfg.datera_api_port = '7717'
self.cfg.datera_api_version = '1'
self.cfg.datera_num_replicas = '2'
+ self.cfg.datera_503_timeout = 0.01
+ self.cfg.datera_503_interval = 0.001
+ self.cfg.datera_acl_allow_all = False
+ self.cfg.datera_debug = False
self.cfg.san_login = 'user'
self.cfg.san_password = 'pass'
@@ -152,16 +156,12 @@ class DateraVolumeTestCase(test.TestCase):
self.driver.delete_volume, self.volume)
def test_ensure_export_success(self):
- self.mock_api.side_effect = self._generate_fake_api_request()
- ctxt = context.get_admin_context()
- expected = {
- 'provider_location': '172.28.94.11:3260 iqn.2013-05.com.daterainc'
- ':c20aba21-6ef6-446b-b374-45733b4883ba--ST'
- '--storage-1:01:sn:34e5b20fbadd3abb 0'}
-
- self.assertEqual(expected, self.driver.ensure_export(ctxt,
- self.volume,
- None))
+ with mock.patch('time.sleep'):
+ self.mock_api.side_effect = self._generate_fake_api_request()
+ ctxt = context.get_admin_context()
+ self.assertIsNone(self.driver.ensure_export(ctxt,
+ self.volume,
+ None))
def test_ensure_export_fails(self):
self.mock_api.side_effect = exception.DateraAPIException
@@ -170,26 +170,62 @@ class DateraVolumeTestCase(test.TestCase):
self.driver.ensure_export, ctxt, self.volume, None)
def test_create_export_target_does_not_exist_success(self):
- self.mock_api.side_effect = self._generate_fake_api_request(
- targets_exist=False)
- ctxt = context.get_admin_context()
- expected = {
- 'provider_location': '172.28.94.11:3260 iqn.2013-05.com.daterainc'
- ':c20aba21-6ef6-446b-b374-45733b4883ba--ST'
- '--storage-1:01:sn:34e5b20fbadd3abb 0'}
-
- self.assertEqual(expected, self.driver.create_export(ctxt,
- self.volume,
- None))
+ with mock.patch('time.sleep'):
+ self.mock_api.side_effect = self._generate_fake_api_request(
+ targets_exist=False)
+ ctxt = context.get_admin_context()
+ self.assertIsNone(self.driver.create_export(ctxt,
+ self.volume,
+ None))
def test_create_export_fails(self):
+ with mock.patch('time.sleep'):
+ self.mock_api.side_effect = exception.DateraAPIException
+ ctxt = context.get_admin_context()
+ self.assertRaises(exception.DateraAPIException,
+ self.driver.create_export,
+ ctxt,
+ self.volume,
+ None)
+
+ def test_initialize_connection_success(self):
+ self.mock_api.side_effect = self._generate_fake_api_request()
+ connector = {}
+
+ expected = {
+ 'driver_volume_type': 'iscsi',
+ 'data': {
+ 'target_discovered': False,
+ 'volume_id': self.volume['id'],
+ 'target_iqn': ('iqn.2013-05.com.daterainc:c20aba21-6ef6-'
+ '446b-b374-45733b4883ba--ST--storage-1:01:'
+ 'sn:34e5b20fbadd3abb'),
+ 'target_portal': '172.28.94.11:3260',
+ 'target_lun': 0,
+ 'discard': False}}
+ self.assertEqual(expected,
+ self.driver.initialize_connection(self.volume,
+ connector))
+
+ def test_initialize_connection_fails(self):
self.mock_api.side_effect = exception.DateraAPIException
- ctxt = context.get_admin_context()
+ connector = {}
self.assertRaises(exception.DateraAPIException,
- self.driver.create_export, ctxt, self.volume, None)
+ self.driver.initialize_connection,
+ self.volume,
+ connector)
def test_detach_volume_success(self):
- self.mock_api.return_value = {}
+ self.mock_api.side_effect = [
+ {},
+ self._generate_fake_api_request()(
+ "acl_policy"),
+ self._generate_fake_api_request()(
+ "ig_group"),
+ {},
+ {},
+ {},
+ {}]
ctxt = context.get_admin_context()
volume = _stub_volume(status='in-use')
self.assertIsNone(self.driver.detach_volume(ctxt, volume))
@@ -278,8 +314,24 @@ class DateraVolumeTestCase(test.TestCase):
'c20aba21-6ef6-446b-b374-45733b4883ba'):
return stub_app_instance[
'c20aba21-6ef6-446b-b374-45733b4883ba']
+ elif resource_type == 'acl_policy':
+ return stub_acl
+ elif resource_type == 'ig_group':
+ return stub_ig
return _fake_api_request
+stub_acl = {
+ 'initiator_groups': [
+ '/initiator_groups/IG-8739f309-dae9-4534-aa02-5b8e9e96eefd'],
+ 'initiators': [],
+ 'path': ('/app_instances/8739f309-dae9-4534-aa02-5b8e9e96eefd/'
+ 'storage_instances/storage-1/acl_policy')}
+
+stub_ig = {
+ 'members': ['/initiators/iqn.1993-08.org.debian:01:ed22de8d75c0'],
+ 'name': 'IG-21e08155-8b95-4108-b148-089f64623963',
+ 'path': '/initiator_groups/IG-21e08155-8b95-4108-b148-089f64623963'}
+
stub_create_export = {
"_ipColl": ["172.28.121.10", "172.28.120.10"],
diff --git a/cinder/volume/drivers/datera.py b/cinder/volume/drivers/datera.py
index 8aef864ecf8..39e812f9245 100644
--- a/cinder/volume/drivers/datera.py
+++ b/cinder/volume/drivers/datera.py
@@ -13,8 +13,12 @@
# License for the specific language governing permissions and limitations
# under the License.
+import functools
import json
+import time
+import uuid
+import ipaddress
from oslo_config import cfg
from oslo_log import log as logging
from oslo_utils import excutils
@@ -32,6 +36,8 @@ from cinder.volume import volume_types
LOG = logging.getLogger(__name__)
+DATERA_SI_SLEEP = 4
+
d_opts = [
cfg.StrOpt('datera_api_port',
default='7717',
@@ -39,9 +45,21 @@ d_opts = [
cfg.StrOpt('datera_api_version',
default='2',
help='Datera API version.'),
- cfg.StrOpt('datera_num_replicas',
- default='1',
- help='Number of replicas to create of an inode.')
+ cfg.IntOpt('datera_num_replicas',
+ default='3',
+ help='Number of replicas to create of an inode.'),
+ cfg.IntOpt('datera_503_timeout',
+ default='120',
+ help='Timeout for HTTP 503 retry messages'),
+ cfg.IntOpt('datera_503_interval',
+ default='5',
+ help='Interval between 503 retries'),
+ cfg.BoolOpt('datera_acl_allow_all',
+ default=False,
+ help="True to set acl 'allow_all' on volumes created"),
+ cfg.BoolOpt('datera_debug',
+ default=False,
+ help="True to set function arg and return logging")
]
@@ -52,6 +70,23 @@ CONF.register_opts(d_opts)
DEFAULT_STORAGE_NAME = 'storage-1'
DEFAULT_VOLUME_NAME = 'volume-1'
+# Recursive dict to assemble basic url structure for the most common
+# API URL endpoints. Most others are constructed from these
+# Don't use this object to get a url though
+_URL_TEMPLATES_BASE = {
+ 'ai': lambda: 'app_instances',
+ 'ai_inst': lambda: (_URL_TEMPLATES_BASE['ai']() + '/{}'),
+ 'si': lambda: (_URL_TEMPLATES_BASE['ai_inst']() + '/storage_instances'),
+ 'si_inst': lambda: ((_URL_TEMPLATES_BASE['si']() + '/{}').format(
+ '{}', DEFAULT_STORAGE_NAME)),
+ 'vol': lambda: ((_URL_TEMPLATES_BASE['si_inst']() + '/volumes').format(
+ '{}', DEFAULT_STORAGE_NAME)),
+ 'vol_inst': lambda: ((_URL_TEMPLATES_BASE['vol']() + '/{}').format(
+ '{}', DEFAULT_VOLUME_NAME))}
+
+# Use this one since I haven't found a way to inline call lambdas
+URL_TEMPLATES = {k: v() for k, v in _URL_TEMPLATES_BASE.items()}
+
def _authenticated(func):
"""Ensure the driver is authenticated to make a request.
@@ -59,7 +94,7 @@ def _authenticated(func):
In do_setup() we fetch an auth token and store it. If that expires when
we do API request, we'll fetch a new one.
"""
-
+ @functools.wraps(func)
def func_wrapper(self, *args, **kwargs):
try:
return func(self, *args, **kwargs)
@@ -76,6 +111,7 @@ def _authenticated(func):
return func_wrapper
+@six.add_metaclass(utils.TraceWrapperWithABCMetaclass)
class DateraDriver(san.SanISCSIDriver):
"""The OpenStack Datera Driver
@@ -84,8 +120,9 @@ class DateraDriver(san.SanISCSIDriver):
1.0 - Initial driver
1.1 - Look for lun-0 instead of lun-1.
2.0 - Update For Datera API v2
+ 2.1 - Multipath, ACL and reorg
"""
- VERSION = '2.0'
+ VERSION = '2.1'
def __init__(self, *args, **kwargs):
super(DateraDriver, self).__init__(*args, **kwargs)
@@ -96,6 +133,15 @@ class DateraDriver(san.SanISCSIDriver):
self.auth_token = None
self.cluster_stats = {}
self.datera_api_token = None
+ self.retry_attempts = (int(self.configuration.datera_503_timeout /
+ self.configuration.datera_503_interval))
+ self.interval = self.configuration.datera_503_interval
+ self.allow_all = self.configuration.datera_acl_allow_all
+ self.driver_prefix = str(uuid.uuid4())[:4]
+ self.datera_debug = self.configuration.datera_debug
+
+ if self.datera_debug:
+ utils.setup_tracing(['method'])
def _login(self):
"""Use the san_login and san_password to set self.auth_token."""
@@ -159,15 +205,15 @@ class DateraDriver(san.SanISCSIDriver):
raise
else:
# Handle updating QOS Policies
- if resource_type == 'app_instances':
- url = ('app_instances/{}/storage_instances/{}/volumes/{'
- '}/performance_policy')
- url = url.format(
- resource['id'],
- DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME)
+ if resource_type == URL_TEMPLATES['ai']:
+ url = URL_TEMPLATES['vol_inst'] + '/performance_policy'
+ url = url.format(resource['id'])
if type_id is not None:
- policies = self._get_policies_by_volume_type(type_id)
+ # Filter for just QOS policies in result. All of their keys
+ # should end with "max"
+ policies = {k: int(v) for k, v in
+ self._get_policies_by_volume_type(
+ type_id).items() if k.endswith("max")}
if policies:
self._issue_api_request(url, 'post', body=policies)
if result['storage_instances'][DEFAULT_STORAGE_NAME]['volumes'][
@@ -185,7 +231,7 @@ class DateraDriver(san.SanISCSIDriver):
'create_mode': "openstack",
'uuid': str(volume['id']),
'name': str(volume['id']),
- 'access_control_mode': 'allow_all',
+ 'access_control_mode': 'deny_all',
'storage_instances': {
DEFAULT_STORAGE_NAME: {
'name': DEFAULT_STORAGE_NAME,
@@ -193,7 +239,7 @@ class DateraDriver(san.SanISCSIDriver):
DEFAULT_VOLUME_NAME: {
'name': DEFAULT_VOLUME_NAME,
'size': volume['size'],
- 'replica_count': int(self.num_replicas),
+ 'replica_count': self.num_replicas,
'snapshot_policies': {
}
}
@@ -201,43 +247,39 @@ class DateraDriver(san.SanISCSIDriver):
}
}
})
- self._create_resource(volume, 'app_instances', body=app_params)
+ self._create_resource(volume, URL_TEMPLATES['ai'], body=app_params)
def extend_volume(self, volume, new_size):
# Offline App Instance, if necessary
reonline = False
app_inst = self._issue_api_request(
- "app_instances/{}".format(volume['id']))
+ URL_TEMPLATES['ai_inst'].format(volume['id']))
if app_inst['admin_state'] == 'online':
reonline = True
- self.detach_volume(None, volume)
+ self.detach_volume(None, volume, delete_initiator=False)
# Change Volume Size
app_inst = volume['id']
- storage_inst = DEFAULT_STORAGE_NAME
data = {
'size': new_size
}
self._issue_api_request(
- 'app_instances/{}/storage_instances/{}/volumes/{}'.format(
- app_inst, storage_inst, DEFAULT_VOLUME_NAME),
- method='put', body=data)
+ URL_TEMPLATES['vol_inst'].format(app_inst),
+ method='put',
+ body=data)
# Online Volume, if it was online before
if reonline:
- self.create_export(None, volume)
+ self.create_export(None, volume, None)
def create_cloned_volume(self, volume, src_vref):
- clone_src_template = ("/app_instances/{}/storage_instances/{"
- "}/volumes/{}")
- src = clone_src_template.format(src_vref['id'], DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME)
+ src = "/" + URL_TEMPLATES['vol_inst'].format(src_vref['id'])
data = {
'create_mode': 'openstack',
'name': str(volume['id']),
'uuid': str(volume['id']),
'clone_src': src,
- 'access_control_mode': 'allow_all'
+ # 'access_control_mode': 'allow_all'
}
- self._issue_api_request('app_instances', 'post', body=data)
+ self._issue_api_request(URL_TEMPLATES['ai'], 'post', body=data)
if volume['size'] > src_vref['size']:
self.extend_volume(volume, volume['size'])
@@ -246,7 +288,7 @@ class DateraDriver(san.SanISCSIDriver):
self.detach_volume(None, volume)
app_inst = volume['id']
try:
- self._issue_api_request('app_instances/{}'.format(app_inst),
+ self._issue_api_request(URL_TEMPLATES['ai_inst'].format(app_inst),
method='delete')
except exception.NotFound:
msg = _LI("Tried to delete volume %s, but it was not found in the "
@@ -257,24 +299,125 @@ class DateraDriver(san.SanISCSIDriver):
"""Gets the associated account, retrieves CHAP info and updates."""
return self.create_export(context, volume, connector)
- def create_export(self, context, volume, connector):
- url = "app_instances/{}".format(volume['id'])
+ def initialize_connection(self, volume, connector):
+ # Now online the app_instance (which will online all storage_instances)
+ multipath = connector.get('multipath', False)
+ url = URL_TEMPLATES['ai_inst'].format(volume['id'])
data = {
'admin_state': 'online'
}
app_inst = self._issue_api_request(url, method='put', body=data)
- storage_instance = app_inst['storage_instances'][
- DEFAULT_STORAGE_NAME]
+ storage_instances = app_inst["storage_instances"]
+ si_names = list(storage_instances.keys())
- portal = storage_instance['access']['ips'][0] + ':3260'
- iqn = storage_instance['access']['iqn']
+ portal = storage_instances[si_names[0]]['access']['ips'][0] + ':3260'
+ iqn = storage_instances[si_names[0]]['access']['iqn']
+ if multipath:
+ portals = [p + ':3260' for p in
+ storage_instances[si_names[0]]['access']['ips']]
+ iqns = [iqn for _ in
+ storage_instances[si_names[0]]['access']['ips']]
+ lunids = [self._get_lunid() for _ in
+ storage_instances[si_names[0]]['access']['ips']]
- # Portal, IQN, LUNID
- provider_location = '%s %s %s' % (portal, iqn, self._get_lunid())
- return {'provider_location': provider_location}
+ return {
+ 'driver_volume_type': 'iscsi',
+ 'data': {
+ 'target_discovered': False,
+ 'target_iqn': iqn,
+ 'target_iqns': iqns,
+ 'target_portal': portal,
+ 'target_portals': portals,
+ 'target_lun': self._get_lunid(),
+ 'target_luns': lunids,
+ 'volume_id': volume['id'],
+ 'discard': False}}
+ else:
+ return {
+ 'driver_volume_type': 'iscsi',
+ 'data': {
+ 'target_discovered': False,
+ 'target_iqn': iqn,
+ 'target_portal': portal,
+ 'target_lun': self._get_lunid(),
+ 'volume_id': volume['id'],
+ 'discard': False}}
+
+ def create_export(self, context, volume, connector):
+ # Online volume in case it hasn't been already
+ url = URL_TEMPLATES['ai_inst'].format(volume['id'])
+ data = {
+ 'admin_state': 'online'
+ }
+ self._issue_api_request(url, method='put', body=data)
+ # Check if we've already setup everything for this volume
+ url = (URL_TEMPLATES['si'].format(volume['id']))
+ storage_instances = self._issue_api_request(url)
+ # Handle adding initiator to product if necessary
+ # Then add initiator to ACL
+ if connector and connector.get('initiator') and not self.allow_all:
+ initiator_name = "OpenStack_{}_{}".format(
+ self.driver_prefix, str(uuid.uuid4())[:4])
+ initiator_group = 'IG-' + volume['id']
+ found = False
+ initiator = connector['initiator']
+ current_initiators = self._issue_api_request('initiators')
+ for iqn, values in current_initiators.items():
+ if initiator == iqn:
+ found = True
+ break
+ # If we didn't find a matching initiator, create one
+ if not found:
+ data = {'id': initiator, 'name': initiator_name}
+ # Try and create the initiator
+ # If we get a conflict, ignore it because race conditions
+ self._issue_api_request("initiators",
+ method="post",
+ body=data,
+ conflict_ok=True)
+ # Create initiator group with initiator in it
+ initiator_path = "/initiators/{}".format(initiator)
+ initiator_group_path = "/initiator_groups/{}".format(
+ initiator_group)
+ ig_data = {'name': initiator_group, 'members': [initiator_path]}
+ self._issue_api_request("initiator_groups",
+ method="post",
+ body=ig_data,
+ conflict_ok=True)
+ # Create ACL with initiator group as reference for each
+ # storage_instance in app_instance
+ # TODO(_alastor_) We need to avoid changing the ACLs if the
+ # template already specifies an ACL policy.
+ for si_name in storage_instances.keys():
+ acl_url = (URL_TEMPLATES['si'] + "/{}/acl_policy").format(
+ volume['id'], si_name)
+ data = {'initiator_groups': [initiator_group_path]}
+ self._issue_api_request(acl_url,
+ method="put",
+ body=data)
+
+ if connector and connector.get('ip'):
+ # Determine IP Pool from IP and update storage_instance
+ try:
+ initiator_ip_pool_path = self._get_ip_pool_for_string_ip(
+ connector['ip'])
+
+ ip_pool_url = URL_TEMPLATES['si_inst'].format(
+ volume['id'])
+ ip_pool_data = {'ip_pool': initiator_ip_pool_path}
+ self._issue_api_request(ip_pool_url,
+ method="put",
+ body=ip_pool_data)
+ except exception.DateraAPIException:
+ # Datera product 1.0 support
+ pass
+ # Some versions of Datera software require more time to make the
+ # ISCSI lun available, but don't report that it's unavailable. We
+ # can remove this when we deprecate those versions
+ time.sleep(DATERA_SI_SLEEP)
def detach_volume(self, context, volume, attachment=None):
- url = "app_instances/{}".format(volume['id'])
+ url = URL_TEMPLATES['ai_inst'].format(volume['id'])
data = {
'admin_state': 'offline',
'force': True
@@ -285,13 +428,46 @@ class DateraDriver(san.SanISCSIDriver):
msg = _LI("Tried to detach volume %s, but it was not found in the "
"Datera cluster. Continuing with detach.")
LOG.info(msg, volume['id'])
+ # TODO(_alastor_) Make acl cleaning multi-attach aware
+ self._clean_acl(volume)
+
+ def _check_for_acl(self, initiator_path):
+ """Returns True if an acl is found for initiator_path """
+ # TODO(_alastor_) when we get a /initiators/:initiator/acl_policies
+ # endpoint use that instead of this monstrosity
+ initiator_groups = self._issue_api_request("initiator_groups")
+ for ig, igdata in initiator_groups.items():
+ if initiator_path in igdata['members']:
+ LOG.debug("Found initiator_group: %s for initiator: %s",
+ ig, initiator_path)
+ return True
+ LOG.debug("No initiator_group found for initiator: %s", initiator_path)
+ return False
+
+ def _clean_acl(self, volume):
+ acl_url = (URL_TEMPLATES["si_inst"] + "/acl_policy").format(
+ volume['id'])
+ try:
+ initiator_group = self._issue_api_request(acl_url)[
+ 'initiator_groups'][0]
+ initiator_iqn_path = self._issue_api_request(
+ initiator_group.lstrip("/"))["members"][0]
+ # Clear out ACL and delete initiator group
+ self._issue_api_request(acl_url,
+ method="put",
+ body={'initiator_groups': []})
+ self._issue_api_request(initiator_group.lstrip("/"),
+ method="delete")
+ if not self._check_for_acl(initiator_iqn_path):
+ self._issue_api_request(initiator_iqn_path.lstrip("/"),
+ method="delete")
+ except (IndexError, exception.NotFound):
+ LOG.debug("Did not find any initiator groups for volume: %s",
+ volume)
def create_snapshot(self, snapshot):
- url_template = ('app_instances/{}/storage_instances/{}/volumes/{'
- '}/snapshots')
- url = url_template.format(snapshot['volume_id'],
- DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME)
+ url_template = URL_TEMPLATES['vol_inst'] + '/snapshots'
+ url = url_template.format(snapshot['volume_id'])
snap_params = {
'uuid': snapshot['id'],
@@ -299,12 +475,8 @@ class DateraDriver(san.SanISCSIDriver):
self._issue_api_request(url, method='post', body=snap_params)
def delete_snapshot(self, snapshot):
- snap_temp = ('app_instances/{}/storage_instances/{}/volumes/{'
- '}/snapshots')
- snapu = snap_temp.format(snapshot['volume_id'],
- DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME)
-
+ snap_temp = URL_TEMPLATES['vol_inst'] + '/snapshots'
+ snapu = snap_temp.format(snapshot['volume_id'])
snapshots = self._issue_api_request(snapu, method='get')
try:
@@ -322,12 +494,8 @@ class DateraDriver(san.SanISCSIDriver):
LOG.info(msg, snapshot['id'])
def create_volume_from_snapshot(self, volume, snapshot):
- snap_temp = ('app_instances/{}/storage_instances/{}/volumes/{'
- '}/snapshots')
- snapu = snap_temp.format(snapshot['volume_id'],
- DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME)
-
+ snap_temp = URL_TEMPLATES['vol_inst'] + '/snapshots'
+ snapu = snap_temp.format(snapshot['volume_id'])
snapshots = self._issue_api_request(snapu, method='get')
for ts, snap in snapshots.items():
if snap['uuid'] == snapshot['id']:
@@ -336,22 +504,16 @@ class DateraDriver(san.SanISCSIDriver):
else:
raise exception.NotFound
- src = ('/app_instances/{}/storage_instances/{}/volumes/{'
- '}/snapshots/{}'.format(
- snapshot['volume_id'],
- DEFAULT_STORAGE_NAME,
- DEFAULT_VOLUME_NAME,
- found_ts))
+ src = "/" + (snap_temp + '/{}').format(snapshot['volume_id'], found_ts)
app_params = (
{
'create_mode': 'openstack',
'uuid': str(volume['id']),
'name': str(volume['id']),
'clone_src': src,
- 'access_control_mode': 'allow_all'
})
self._issue_api_request(
- 'app_instances',
+ URL_TEMPLATES['ai'],
method='post',
body=app_params)
@@ -416,9 +578,89 @@ class DateraDriver(san.SanISCSIDriver):
policies.update(qos_kvs)
return policies
+ def _get_ip_pool_for_string_ip(self, ip):
+ """Takes a string ipaddress and return the ip_pool API object dict """
+ pool = 'default'
+ ip_obj = ipaddress.ip_address(six.text_type(ip))
+ ip_pools = self._issue_api_request("access_network_ip_pools")
+ for ip_pool, ipdata in ip_pools.items():
+ for access, adata in ipdata['network_paths'].items():
+ if not adata.get('start_ip'):
+ continue
+ pool_if = ipaddress.ip_interface(
+ "/".join((adata['start_ip'], adata['netmask'])))
+ if ip_obj in pool_if.network:
+ pool = ip_pool
+ return self._issue_api_request(
+ "access_network_ip_pools/{}".format(pool))['path']
+
+ def _request(self, connection_string, method, payload, header, cert_data):
+ LOG.debug("Endpoint for Datera API call: %s", connection_string)
+ try:
+ response = getattr(requests, method)(connection_string,
+ data=payload, headers=header,
+ verify=False, cert=cert_data)
+ return response
+ except requests.exceptions.RequestException as ex:
+ msg = _(
+ 'Failed to make a request to Datera cluster endpoint due '
+ 'to the following reason: %s') % six.text_type(
+ ex.message)
+ LOG.error(msg)
+ raise exception.DateraAPIException(msg)
+
+ def _raise_response(self, response):
+ msg = _('Request to Datera cluster returned bad status:'
+ ' %(status)s | %(reason)s') % {
+ 'status': response.status_code,
+ 'reason': response.reason}
+ LOG.error(msg)
+ raise exception.DateraAPIException(msg)
+
+ def _handle_bad_status(self,
+ response,
+ connection_string,
+ method,
+ payload,
+ header,
+ cert_data,
+ sensitive=False,
+ conflict_ok=False):
+ if not sensitive:
+ LOG.debug(("Datera Response URL: %s\n"
+ "Datera Response Payload: %s\n"
+ "Response Object: %s\n"),
+ response.url,
+ payload,
+ vars(response))
+ if response.status_code == 404:
+ raise exception.NotFound(response.json()['message'])
+ elif response.status_code in [403, 401]:
+ raise exception.NotAuthorized()
+ elif response.status_code == 409 and conflict_ok:
+ # Don't raise, because we're expecting a conflict
+ pass
+ elif response.status_code == 503:
+ current_retry = 0
+ while current_retry <= self.retry_attempts:
+ LOG.debug("Datera 503 response, trying request again")
+ time.sleep(self.interval)
+ resp = self._request(connection_string,
+ method,
+ payload,
+ header,
+ cert_data)
+ if resp.ok:
+ return response.json()
+ elif resp.status_code != 503:
+ self._raise_response(resp)
+ else:
+ self._raise_response(response)
+
@_authenticated
def _issue_api_request(self, resource_type, method='get', resource=None,
- body=None, action=None, sensitive=False):
+ body=None, action=None, sensitive=False,
+ conflict_ok=False):
"""All API requests to Datera cluster go through this method.
:param resource_type: the type of the resource
@@ -436,17 +678,12 @@ class DateraDriver(san.SanISCSIDriver):
payload = json.dumps(body, ensure_ascii=False)
payload.encode('utf-8')
- if not sensitive:
- LOG.debug("Payload for Datera API call: %s", payload)
-
header = {'Content-Type': 'application/json; charset=utf-8'}
protocol = 'http'
if self.configuration.driver_use_ssl:
protocol = 'https'
- # TODO(thingee): Auth method through Auth-Token is deprecated. Remove
- # this and client cert verification stuff in the Liberty release.
if api_token:
header['Auth-Token'] = api_token
@@ -466,46 +703,21 @@ class DateraDriver(san.SanISCSIDriver):
if action is not None:
connection_string += '/%s' % action
- LOG.debug("Endpoint for Datera API call: %s", connection_string)
- try:
- response = getattr(requests, method)(connection_string,
- data=payload, headers=header,
- verify=False, cert=cert_data)
- except requests.exceptions.RequestException as ex:
- msg = _(
- 'Failed to make a request to Datera cluster endpoint due '
- 'to the following reason: %s') % six.text_type(
- ex.message)
- LOG.error(msg)
- raise exception.DateraAPIException(msg)
+ response = self._request(connection_string,
+ method,
+ payload,
+ header,
+ cert_data)
data = response.json()
- if not sensitive:
- LOG.debug("Results of Datera API call: %s", data)
if not response.ok:
- LOG.debug(("Datera Response URL: %s\n"
- "Datera Response Payload: %s\n"
- "Response Object: %s\n"),
- response.url,
- payload,
- vars(response))
- if response.status_code == 404:
- raise exception.NotFound(data['message'])
- elif response.status_code in [403, 401]:
- raise exception.NotAuthorized()
- elif response.status_code == 400 and 'invalidArgs' in data:
- msg = _('Bad request sent to Datera cluster:'
- 'Invalid args: %(args)s | %(message)s') % {
- 'args': data['invalidArgs']['invalidAttrs'],
- 'message': data['message']}
- raise exception.Invalid(msg)
- else:
- msg = _('Request to Datera cluster returned bad status:'
- ' %(status)s | %(reason)s') % {
- 'status': response.status_code,
- 'reason': response.reason}
- LOG.error(msg)
- raise exception.DateraAPIException(msg)
+ self._handle_bad_status(response,
+ connection_string,
+ method,
+ payload,
+ header,
+ cert_data,
+ conflict_ok=conflict_ok)
return data
diff --git a/releasenotes/notes/bp-datera-cinder-driver-update-2.1-5c6455b45563adc5.yaml b/releasenotes/notes/bp-datera-cinder-driver-update-2.1-5c6455b45563adc5.yaml
new file mode 100644
index 00000000000..e97f57289c0
--- /dev/null
+++ b/releasenotes/notes/bp-datera-cinder-driver-update-2.1-5c6455b45563adc5.yaml
@@ -0,0 +1,7 @@
+---
+features:
+ - Updating the Datera Elastic DataFabric Storage Driver
+ to version 2.1. This adds ACL support, Multipath
+ support and basic IP pool support.
+ - Changes config option default for datera_num_replicas
+ from 1 to 3
diff --git a/requirements.txt b/requirements.txt
index 5cb20df1b99..ddc856b12e3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,6 +10,7 @@ eventlet!=0.18.3,>=0.18.2 # MIT
greenlet>=0.3.2 # MIT
httplib2>=0.7.5 # MIT
iso8601>=0.1.11 # MIT
+ipaddress>=1.0.7;python_version<'3.3' # PSF
keystonemiddleware!=4.1.0,!=4.5.0,>=4.0.0 # Apache-2.0
lxml>=2.3 # BSD
oauth2client>=1.5.0 # Apache-2.0