yahoo-eng-team team mailing list archive

[Sean Dague <sean@xxxxxxxxx>]

Public bug reported:

because libvirt lvm volumes are based on instance['name'], it means that
the actual names used in lvm storage are based on an operator
configuration variable: instance_name_template

the default is 'instance-%08x'

however this is site changable, and changable at any time. This creates
2 failure modes.

#1) operator changes this, the result is all volumes created before the
change are no longer able to be cleaned up by nova

#2) operator has changed this to something that includes end user input,
like %(display_name), which would allow one user to impact another (use
A has display name "bob", user B has displayname "bob_joe") because of
https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L1068

specifically:

            pattern = '%s_' % instance['name']

            def belongs_to_instance(disk):
                return disk.startswith(pattern)

#2 is a non default situation, and requires specific config by an
adminstrator and specific naming by users, but it should be protected
against.

A much better approach would be to use instance['uuid'] which has no
operator or user impact on naming.

** Affects: nova
     Importance: High
     Assignee: Sean Dague (sdague)
         Status: New


** Tags: libvirt volumes

** Changed in: nova
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1285735

Title:
  libvirt lvm volumes based on instance['name'] not instance['uuid']

Status in OpenStack Compute (Nova):
  New

Bug description:
  because libvirt lvm volumes are based on instance['name'], it means
  that the actual names used in lvm storage are based on an operator
  configuration variable: instance_name_template

  the default is 'instance-%08x'

  however this is site changable, and changable at any time. This
  creates 2 failure modes.

  #1) operator changes this, the result is all volumes created before
  the change are no longer able to be cleaned up by nova

  #2) operator has changed this to something that includes end user
  input, like %(display_name), which would allow one user to impact
  another (use A has display name "bob", user B has displayname
  "bob_joe") because of
  https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L1068

  specifically:

              pattern = '%s_' % instance['name']

              def belongs_to_instance(disk):
                  return disk.startswith(pattern)

  #2 is a non default situation, and requires specific config by an
  adminstrator and specific naming by users, but it should be protected
  against.

  A much better approach would be to use instance['uuid'] which has no
  operator or user impact on naming.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1285735/+subscriptions