Hi,
The examples I could find on the internet using LVM as backend for Cinder, they expose a local disk using lvm via Cinder.
I did this configuration and I am wondering if it's correct, especially from a "simultaneous access" point of view.
I have an iSCSI target backed by targetcli that exposes a LUN to my compute nodes. I did configure the iscsi connexion manually on each one of them and they all see the LUN, then on one of them I created the cinder-volumes VG (the other nodes can see the modifications), then I configured Cinder with lvm backend using this VG and it worked. I created some volumes on it without issues using my account. But what about when there are multiple tenants that try to create multiple volumes on it, is this configuration safe?
I might not be 100% correct but I don't think it should affect anything.
The backend, here LVM, doesn't have any information of the LUN association with the project and OpenStack does the management
of associating volumes (OpenStack terminology of LUNs) with a particular project also managing the access via keystone roles and scopes.
The backend shouldn't worry about the access of a LUN from a different project since "project" is an OpenStack concept which is handled in the OpenStack layer itself.
Unless a LUN export/map request is coming from outside of OpenStack, proper authorization and authentication should be maintained.
Thanks
Rajat Dhasmana