From 949cc46e162e00092aa85a7be921649c8dbf2bf8 Mon Sep 17 00:00:00 2001 From: Matan Sabag Date: Wed, 15 Aug 2018 13:01:36 +0300 Subject: [PATCH] ScaleIO: Disable volume creation without padding Applying previous fix for thick volumes to thin volumes to disallow volume creation without zero padding unless enabled via config option. Change-Id: Ibaf6e9b67d252a5aae1b0f64ec632ec26789c389 Closes-Bug: #1784871 Signed-off-by: Matan Sabag --- .../volume/drivers/dell_emc/scaleio/mocks.py | 3 +++ .../volume/drivers/dell_emc/scaleio/driver.py | 23 +++++++++++++------ .../notes/bug-1784871-7f67402eb13abca7.yaml | 7 ++++++ 3 files changed, 26 insertions(+), 7 deletions(-) create mode 100644 releasenotes/notes/bug-1784871-7f67402eb13abca7.yaml diff --git a/cinder/tests/unit/volume/drivers/dell_emc/scaleio/mocks.py b/cinder/tests/unit/volume/drivers/dell_emc/scaleio/mocks.py index b0e51363a47..b3f2ea3b1e5 100644 --- a/cinder/tests/unit/volume/drivers/dell_emc/scaleio/mocks.py +++ b/cinder/tests/unit/volume/drivers/dell_emc/scaleio/mocks.py @@ -40,6 +40,9 @@ class ScaleIODriver(driver.ScaleIODriver): def unmanage(self, volume): pass + def _is_volume_creation_safe(self, _pd, _sp, _pt): + return True + class MockHTTPSResponse(requests.Response): """Mock HTTP Response diff --git a/cinder/volume/drivers/dell_emc/scaleio/driver.py b/cinder/volume/drivers/dell_emc/scaleio/driver.py index b00ed6c4b95..e23b9e95c63 100644 --- a/cinder/volume/drivers/dell_emc/scaleio/driver.py +++ b/cinder/volume/drivers/dell_emc/scaleio/driver.py @@ -113,6 +113,12 @@ scaleio_opts = [ 'when zero padding is disabled. This option should ' 'not be enabled if multiple tenants will utilize ' 'thick volumes from a shared Storage Pool.'), + cfg.BoolOpt('sio_allow_non_padded_volumes', + default=False, + help='Allow volumes to be created in Storage Pools ' + 'when zero padding is disabled. This option should ' + 'not be enabled if multiple tenants will utilize ' + 'volumes from a shared Storage Pool.'), ] CONF.register_opts(scaleio_opts, group=configuration.SHARED_CONF_GROUP) @@ -496,17 +502,19 @@ class ScaleIODriver(driver.VolumeDriver): protection_domain, storage_pool, provision_type): - """Checks if volume creation is safe or not + """Checks if volume creation is safe or not. - using thick volumes with zero padding disabled can lead - to existing data being read off of a newly created volume + Using volumes with zero padding disabled can lead to existing data + being read off of a newly created volume. """ # if we have been told to allow unsafe volumes - if self.configuration.sio_allow_non_padded_thick_volumes: + if self.configuration.sio_allow_non_padded_volumes: + # Enabled regardless of type, so safe to proceed return True - # all thin volumes are safe - if provision_type == 'ThinProvisioned': + if (provision_type == 'ThickProvisioned' and + self.configuration.sio_allow_non_padded_thick_volumes): + # Enabled for thick volumes return True try: @@ -613,7 +621,8 @@ class ScaleIODriver(driver.VolumeDriver): "zero padding being disabled for pool, %s:%s. " "This behaviour can be changed by setting " "the configuration option " - "sio_allow_non_padded_thick_volumes = True.", + "sio_allow_non_padded_thick_volumes = True or" + "sio_allow_non_padded_volumes = True.", protection_domain_name, storage_pool_name) msg = _("Volume creation rejected due to " diff --git a/releasenotes/notes/bug-1784871-7f67402eb13abca7.yaml b/releasenotes/notes/bug-1784871-7f67402eb13abca7.yaml new file mode 100644 index 00000000000..810d850d174 --- /dev/null +++ b/releasenotes/notes/bug-1784871-7f67402eb13abca7.yaml @@ -0,0 +1,7 @@ +security: + - | + Removed the ability to create volumes in a ScaleIO Storage Pool + that has zero-padding disabled. + A new configuration option had been added to override this new + behavior and allow volume creation, but should not be enabled if + multiple tenants will utilize volumes from a shared Storage Pool.