Add rbd secret_uuid in secondary config
- Update initialize_connection to return active
backend connection data.
- Add secret_uuid support in secondary config
For example:
replication_device = backend_id:secondary,
conf:/etc/ceph/secondary.conf,
user:SECONDARY_UDER,
secret_uuid:SENDARY_SECRET_UUID
Closes-Bug #1828974
Change-Id: I1692310ef8ddc8ace88c4209fa447722ee422aaf
This commit is contained in:
Minmin Ren
renminmin
parent
254ed254cf
commit
e0e912b084
@ -268,7 +268,8 @@ class RBDTestCase(test.TestCase):
|
|||||||
cfg = [{'backend_id': 'secondary-backend'}]
|
cfg = [{'backend_id': 'secondary-backend'}]
|
||||||
expected = [{'name': 'secondary-backend',
|
expected = [{'name': 'secondary-backend',
|
||||||
'conf': '/etc/ceph/secondary-backend.conf',
|
'conf': '/etc/ceph/secondary-backend.conf',
|
||||||
'user': 'cinder'}]
|
'user': 'cinder',
|
||||||
|
'secret_uuid': self.cfg.rbd_secret_uuid}]
|
||||||
self.driver._parse_replication_configs(cfg)
|
self.driver._parse_replication_configs(cfg)
|
||||||
self.assertEqual(expected, self.driver._replication_targets)
|
self.assertEqual(expected, self.driver._replication_targets)
|
||||||
|
|
||||||
@ -280,10 +281,12 @@ class RBDTestCase(test.TestCase):
|
|||||||
{'backend_id': 'tertiary-backend'}]
|
{'backend_id': 'tertiary-backend'}]
|
||||||
expected = [{'name': 'secondary-backend',
|
expected = [{'name': 'secondary-backend',
|
||||||
'conf': 'foo',
|
'conf': 'foo',
|
||||||
'user': 'bar'},
|
'user': 'bar',
|
||||||
|
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||||
{'name': 'tertiary-backend',
|
{'name': 'tertiary-backend',
|
||||||
'conf': '/etc/ceph/tertiary-backend.conf',
|
'conf': '/etc/ceph/tertiary-backend.conf',
|
||||||
'user': 'cinder'}]
|
'user': 'cinder',
|
||||||
|
'secret_uuid': self.cfg.rbd_secret_uuid}]
|
||||||
self.driver._parse_replication_configs(cfg[:num_targets])
|
self.driver._parse_replication_configs(cfg[:num_targets])
|
||||||
self.assertEqual(expected[:num_targets],
|
self.assertEqual(expected[:num_targets],
|
||||||
self.driver._replication_targets)
|
self.driver._replication_targets)
|
||||||
@ -297,16 +300,19 @@ class RBDTestCase(test.TestCase):
|
|||||||
self.assertEqual([], self.driver._target_names)
|
self.assertEqual([], self.driver._target_names)
|
||||||
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
||||||
'conf': self.cfg.rbd_ceph_conf,
|
'conf': self.cfg.rbd_ceph_conf,
|
||||||
'user': self.cfg.rbd_user},
|
'user': self.cfg.rbd_user,
|
||||||
|
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||||
self.driver._active_config)
|
self.driver._active_config)
|
||||||
|
|
||||||
def test_do_setup_replication(self):
|
def test_do_setup_replication(self):
|
||||||
cfg = [{'backend_id': 'secondary-backend',
|
cfg = [{'backend_id': 'secondary-backend',
|
||||||
'conf': 'foo',
|
'conf': 'foo',
|
||||||
'user': 'bar'}]
|
'user': 'bar',
|
||||||
|
'secret_uuid': 'secondary_secret_uuid'}]
|
||||||
expected = [{'name': 'secondary-backend',
|
expected = [{'name': 'secondary-backend',
|
||||||
'conf': 'foo',
|
'conf': 'foo',
|
||||||
'user': 'bar'}]
|
'user': 'bar',
|
||||||
|
'secret_uuid': 'secondary_secret_uuid'}]
|
||||||
|
|
||||||
with mock.patch.object(self.driver.configuration, 'safe_get',
|
with mock.patch.object(self.driver.configuration, 'safe_get',
|
||||||
return_value=cfg):
|
return_value=cfg):
|
||||||
@ -315,16 +321,19 @@ class RBDTestCase(test.TestCase):
|
|||||||
self.assertEqual(expected, self.driver._replication_targets)
|
self.assertEqual(expected, self.driver._replication_targets)
|
||||||
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
self.assertEqual({'name': self.cfg.rbd_cluster_name,
|
||||||
'conf': self.cfg.rbd_ceph_conf,
|
'conf': self.cfg.rbd_ceph_conf,
|
||||||
'user': self.cfg.rbd_user},
|
'user': self.cfg.rbd_user,
|
||||||
|
'secret_uuid': self.cfg.rbd_secret_uuid},
|
||||||
self.driver._active_config)
|
self.driver._active_config)
|
||||||
|
|
||||||
def test_do_setup_replication_failed_over(self):
|
def test_do_setup_replication_failed_over(self):
|
||||||
cfg = [{'backend_id': 'secondary-backend',
|
cfg = [{'backend_id': 'secondary-backend',
|
||||||
'conf': 'foo',
|
'conf': 'foo',
|
||||||
'user': 'bar'}]
|
'user': 'bar',
|
||||||
|
'secret_uuid': 'secondary_secret_uuid'}]
|
||||||
expected = [{'name': 'secondary-backend',
|
expected = [{'name': 'secondary-backend',
|
||||||
'conf': 'foo',
|
'conf': 'foo',
|
||||||
'user': 'bar'}]
|
'user': 'bar',
|
||||||
|
'secret_uuid': 'secondary_secret_uuid'}]
|
||||||
self.driver._active_backend_id = 'secondary-backend'
|
self.driver._active_backend_id = 'secondary-backend'
|
||||||
|
|
||||||
with mock.patch.object(self.driver.configuration, 'safe_get',
|
with mock.patch.object(self.driver.configuration, 'safe_get',
|
||||||
@ -1516,6 +1525,9 @@ class RBDTestCase(test.TestCase):
|
|||||||
keyring_data = "[client.cinder]\n key = test\n"
|
keyring_data = "[client.cinder]\n key = test\n"
|
||||||
mock_keyring.return_value = keyring_data
|
mock_keyring.return_value = keyring_data
|
||||||
|
|
||||||
|
self.driver._active_config = {'name': 'secondary_id',
|
||||||
|
'user': 'foo',
|
||||||
|
'conf': 'bar'}
|
||||||
expected = {
|
expected = {
|
||||||
'driver_volume_type': 'rbd',
|
'driver_volume_type': 'rbd',
|
||||||
'data': {
|
'data': {
|
||||||
@ -1523,11 +1535,11 @@ class RBDTestCase(test.TestCase):
|
|||||||
self.volume_a.name),
|
self.volume_a.name),
|
||||||
'hosts': hosts,
|
'hosts': hosts,
|
||||||
'ports': ports,
|
'ports': ports,
|
||||||
'cluster_name': self.cfg.rbd_cluster_name,
|
'cluster_name': 'secondary_id',
|
||||||
'auth_enabled': True,
|
'auth_enabled': True,
|
||||||
'auth_username': self.cfg.rbd_user,
|
'auth_username': 'foo',
|
||||||
'secret_type': 'ceph',
|
'secret_type': 'ceph',
|
||||||
'secret_uuid': None,
|
'secret_uuid': self.cfg.rbd_secret_uuid,
|
||||||
'volume_id': self.volume_a.id,
|
'volume_id': self.volume_a.id,
|
||||||
'discard': True,
|
'discard': True,
|
||||||
'keyring': keyring_data,
|
'keyring': keyring_data,
|
||||||
@ -1540,6 +1552,13 @@ class RBDTestCase(test.TestCase):
|
|||||||
expected['data']['keyring'] = None
|
expected['data']['keyring'] = None
|
||||||
self._initialize_connection_helper(expected, hosts, ports)
|
self._initialize_connection_helper(expected, hosts, ports)
|
||||||
|
|
||||||
|
self.driver._active_config = {'name': 'secondary_id',
|
||||||
|
'user': 'foo',
|
||||||
|
'conf': 'bar',
|
||||||
|
'secret_uuid': 'secondary_secret_uuid'}
|
||||||
|
expected['data']['secret_uuid'] = 'secondary_secret_uuid'
|
||||||
|
self._initialize_connection_helper(expected, hosts, ports)
|
||||||
|
|
||||||
def test__get_keyring_contents_no_config_file(self):
|
def test__get_keyring_contents_no_config_file(self):
|
||||||
self.cfg.rbd_keyring_conf = ''
|
self.cfg.rbd_keyring_conf = ''
|
||||||
self.assertIsNone(self.driver._get_keyring_contents())
|
self.assertIsNone(self.driver._get_keyring_contents())
|
||||||
|
|||||||
@ -261,7 +261,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
return {
|
return {
|
||||||
'name': self.configuration.rbd_cluster_name,
|
'name': self.configuration.rbd_cluster_name,
|
||||||
'conf': self.configuration.rbd_ceph_conf,
|
'conf': self.configuration.rbd_ceph_conf,
|
||||||
'user': self.configuration.rbd_user
|
'user': self.configuration.rbd_user,
|
||||||
|
'secret_uuid': self.configuration.rbd_secret_uuid
|
||||||
}
|
}
|
||||||
raise exception.InvalidReplicationTarget(
|
raise exception.InvalidReplicationTarget(
|
||||||
reason=_('RBD: Unknown failover target host %s.') % target_id)
|
reason=_('RBD: Unknown failover target host %s.') % target_id)
|
||||||
@ -291,10 +292,13 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
self.SYSCONFDIR + name + '.conf')
|
self.SYSCONFDIR + name + '.conf')
|
||||||
user = replication_device.get(
|
user = replication_device.get(
|
||||||
'user', self.configuration.rbd_user or 'cinder')
|
'user', self.configuration.rbd_user or 'cinder')
|
||||||
|
secret_uuid = replication_device.get(
|
||||||
|
'secret_uuid', self.configuration.rbd_secret_uuid)
|
||||||
# Pool has to be the same in all clusters
|
# Pool has to be the same in all clusters
|
||||||
replication_target = {'name': name,
|
replication_target = {'name': name,
|
||||||
'conf': utils.convert_str(conf),
|
'conf': utils.convert_str(conf),
|
||||||
'user': utils.convert_str(user)}
|
'user': utils.convert_str(user),
|
||||||
|
'secret_uuid': secret_uuid}
|
||||||
LOG.info('Adding replication target: %s.', name)
|
LOG.info('Adding replication target: %s.', name)
|
||||||
self._replication_targets.append(replication_target)
|
self._replication_targets.append(replication_target)
|
||||||
self._target_names.append(name)
|
self._target_names.append(name)
|
||||||
@ -302,7 +306,8 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
def _get_config_tuple(self, remote=None):
|
def _get_config_tuple(self, remote=None):
|
||||||
if not remote:
|
if not remote:
|
||||||
remote = self._active_config
|
remote = self._active_config
|
||||||
return (remote.get('name'), remote.get('conf'), remote.get('user'))
|
return (remote.get('name'), remote.get('conf'), remote.get('user'),
|
||||||
|
remote.get('secret_uuid', None))
|
||||||
|
|
||||||
def _trash_purge(self):
|
def _trash_purge(self):
|
||||||
LOG.info("Purging trash for backend '%s'", self._backend_name)
|
LOG.info("Purging trash for backend '%s'", self._backend_name)
|
||||||
@ -375,7 +380,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
def _ceph_args(self):
|
def _ceph_args(self):
|
||||||
args = []
|
args = []
|
||||||
|
|
||||||
name, conf, user = self._get_config_tuple()
|
name, conf, user, secret_uuid = self._get_config_tuple()
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
args.extend(['--id', user])
|
args.extend(['--id', user])
|
||||||
@ -391,7 +396,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
self.configuration.rados_connection_interval,
|
self.configuration.rados_connection_interval,
|
||||||
self.configuration.rados_connection_retries)
|
self.configuration.rados_connection_retries)
|
||||||
def _do_conn(pool, remote, timeout):
|
def _do_conn(pool, remote, timeout):
|
||||||
name, conf, user = self._get_config_tuple(remote)
|
name, conf, user, secret_uuid = self._get_config_tuple(remote)
|
||||||
|
|
||||||
if pool is not None:
|
if pool is not None:
|
||||||
pool = utils.convert_str(pool)
|
pool = utils.convert_str(pool)
|
||||||
@ -1389,6 +1394,7 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
|
|
||||||
def initialize_connection(self, volume, connector):
|
def initialize_connection(self, volume, connector):
|
||||||
hosts, ports = self._get_mon_addrs()
|
hosts, ports = self._get_mon_addrs()
|
||||||
|
name, conf, user, secret_uuid = self._get_config_tuple()
|
||||||
data = {
|
data = {
|
||||||
'driver_volume_type': 'rbd',
|
'driver_volume_type': 'rbd',
|
||||||
'data': {
|
'data': {
|
||||||
@ -1396,11 +1402,11 @@ class RBDDriver(driver.CloneableImageVD, driver.MigrateVD,
|
|||||||
volume.name),
|
volume.name),
|
||||||
'hosts': hosts,
|
'hosts': hosts,
|
||||||
'ports': ports,
|
'ports': ports,
|
||||||
'cluster_name': self.configuration.rbd_cluster_name,
|
'cluster_name': name,
|
||||||
'auth_enabled': (self.configuration.rbd_user is not None),
|
'auth_enabled': (user is not None),
|
||||||
'auth_username': self.configuration.rbd_user,
|
'auth_username': user,
|
||||||
'secret_type': 'ceph',
|
'secret_type': 'ceph',
|
||||||
'secret_uuid': self.configuration.rbd_secret_uuid,
|
'secret_uuid': secret_uuid,
|
||||||
'volume_id': volume.id,
|
'volume_id': volume.id,
|
||||||
"discard": True,
|
"discard": True,
|
||||||
'keyring': self._get_keyring_contents(),
|
'keyring': self._get_keyring_contents(),
|
||||||
|
|||||||
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Rbd replication secondary device could set different user and keyring with primary cluster.
|
||||||
|
Secondary secret_uuid value is configed in libvirt secret, and libvirtd using secondary secret
|
||||||
|
reconnect to secondary cluster after Cinder failover host.
|
||||||
Loading…
x
Reference in New Issue
Block a user