[Openstack-security] [Bug 1369627] Related fix merged to nova (master)

OpenStack Infra 1369627 at bugs.launchpad.net
Mon Aug 10 10:13:08 UTC 2015 

Reviewed:  https://review.openstack.org/123073
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=adecf780d3ed4315e4ce305cb1821d493650494b
Submitter: Jenkins
Branch:    master

commit adecf780d3ed4315e4ce305cb1821d493650494b
Author: Michael Still <mikal at stillhq.com>
Date:   Tue Nov 25 15:42:47 2014 +0300

    Handle config drives being stored on rbd
    
    rbd is the only example of a currently supported image storage
    backend where it makes sense to put the config drive in the
    configured storage backend instead of local hypervisor disk. I
    don't think this makes sense for LVM, where we would be creating
    a LV for a tens of megabytes file, which seems like overkill to
    me. The other storage backends use local disk for their data
    already.
    
    This use case was covered by the now reverted changes:
      228d0221763b12f11ecbacde4db38b1151f96e31
      0b01e846d40f3b343da9ebe1dae89cca8bc2ac66
      ecce888c469c62374a3cc43e3cede11d8aa1e799
    
    Support this special case by moving the image to rbd once it has
    been created in the local instance directory on the hypervisor.
    
    I've tested this change in devstack and it works.
    
    Related-bug: #1369627
    Related-bug: #1361840
    Related-bug: #1246201
    
    Co-Authored-By: Mehdi Abaakouk <sileht at redhat.com>
    Co-Authored-By: Dan Smith <dms at danplanet.com>
    
    Change-Id: Ia3ca5a18c79d62b71b9c042a612d12dd074b245e

-- 
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1369627

Title:
  libvirt disk.config will have issues when booting two with different
  config drive values

Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Security Advisory:
  Won't Fix

Bug description:
  Currently, in the image creating code for Juno we have

          if configdrive.required_by(instance):
              LOG.info(_LI('Using config drive'), instance=instance)

              image_type = self._get_configdrive_image_type()
              backend = image('disk.config', image_type)
              backend.cache(fetch_func=self._create_configdrive,
                            filename='disk.config' + suffix,
                            instance=instance,
                            admin_pass=admin_pass,
                            files=files,
                            network_info=network_info)

  The important thing to notice here is that we have
  "filename='disk.confg' + suffix".  This means that the filename for
  the config drive in the cache directory will be simply 'disk.config'
  followed by any potential suffix (e.g. '.rescue').  This name is not
  unique to the instance whose config drive we are creating.  Therefore,
  when we go to boot another instance with a different config drive, the
  cache function will detect the old config drive, and decide it doesn't
  need to create the new config drive with the appropriate config for
  the new instance.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1369627/+subscriptions

More information about the Openstack-security mailing list