← Back to team overview

openstack team mailing list archive

Re: initramfs-growroot or LVM

 

Hello Davide,

> Hi Owen,
> is this about the nova file injection? [1]

No this is general how to connect to a guest file system for example
rsync backups :)

I have not looked at libguestfs something I should do.

>
> Although I don't like it too much, this is definitely a reason not to use LVM. 
>
> Thanks for the clarification. However now I've more questions! :)
>  
> Besides the potential volume group clash with the management domain, should one worry about the clash between VMS that are being created on the same host at the same time?

No issues using kpartx and lvm concurrently so far in my experience, but
when I discovered this issue with clashing volume groups I gave up using
LVM on my VM's.

I just looked at libguestfs and this is very clear that its blocking and
single threaded.

>
> Is it possible for a malicious user (with image upload permissions) to "guess" (this is rather simple, IMO) one of the management domain volume group name and then perform a DoS?

Using the "vgchange -ay" command yes.

Regards

Owen


> Best,
>  Davide.
>
>
> [1] https://www.berrange.com/posts/2012/11/15/692/
>
> On 10/feb/2013, at 04:54, Owen Synge <osynge@xxxxxxxxxxxxxx> wrote:
>
>> Dear Davide,
>>
>> Please dont use LVM in cloud images unless you want to encrypt the
>> content and then please use a very unique volume group name. Reason follows.
>>
>> If you want to allow the mangement domain to mount your partitons and
>> make edits then the management domain must first use something like
>> kpartx which allows you to present virtual disk partitons. These virtual
>> disk partitions can then be mounted if its a normal file system, but if
>> you used LVM, the partitions must be scanned by your system and added to
>> your systems volume group space, if these volume groups names clash with
>> volume groups being used on the management domain their can be problems
>> for the management domain to release the resources.
>>
>> I should report this issue to LVM one day and see if they think it could
>> be fixed some how. I have found xfs to be very good, and but for a
>> virgin project /I think//Btrfs/ might be worth investigation what it
>> brings to the table as it should be available without special measures
>> in all future operating systems.
>>
>> Regards
>>
>> Owen
>>
>>
>>
>> On 08/02/13 09:55, Davide Guerri wrote:
>>> Hi all,
>>> I'm preparing some cloud images for the major Linux distributions and I'd like they to grow their root fs on boot (to use all the available space).
>>>
>>> Ubuntu cloud images (http://cloud-images.ubuntu.com) use initramfs-growroot but installing it (and maintaining it across kernel upgrade) could be tricky -at least for me- on redhat derived like centos or fedora. 
>>>
>>> So my question is: what are pros and cons of using an ext3/4 root-fs and initramfs-growroot, or LVM (with a custom script that runs on first boot)?
>>>
>>> Thanks,
>>> Davide.
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp



References