Add share driver for VastData storage#15
Open
vlboiko wants to merge 149 commits intogerrit-masterfrom
Open
Conversation
Share network subnets were not checking for the existence of share groups while processing a delete request. Then, if a share network had a share server that was tied to a share group, it would end up deleting the share server, leaving the share group orphan. When we triggered the deletion of the share group, it would fail, as the share server was not known to Manila anymore. Fix that issue by adding an extra validation step during the share network subnet delete API. Closes-Bug: #2004212 Depends-On: https://review.opendev.org/c/openstack/manila-tempest-plugin/+/875981 Change-Id: I563bf925523fa44689c83f432ce5a460276afef7
Fix the the below issues as part of this patch - Fix the issue when backup is created with wrong config. Due to wrong config backup status is not changing from creating status to failed. - Failed the backup creation when SnapMirror relationship created during backup creation was not healthy. - Added few fields in snapmirror GET API to fix the REST workflow for backup. - Incorporated left over review comments of patch I5a4edbf547e7886fb4fa9c1bed90110a33f9bf3b Closes-Bug: #2058027 Change-Id: I013ff3eedea54d9895e4c0446017aeb62c6bb833
... to give more explicit config validation error to operators early. This also allows using external tools like oslo-config-validator to detect an invalid value. Change-Id: I19c5b01e0d1bc9b93fc5973663b9df629db54916
Add code block for share network subnet set and unset to user guide. Closes-Bug: 2058391 Change-Id: If94d554378961388c6266a83025a5c74af077504
Added the logic in resource cleanup part to delete the vserver peering when source and destination vserver are not same. Closes-bug: #2058642 Change-Id: I02a70642a22095ab202f5846fff04d25321c4c1c
Replaces Huawei driver's use of Python's native XML library methods with defusedxml's methods instead. The native library is vulnerable to XML attacks while defusedxml isn't. This also makes Bandit 3 issues happier. Change-Id: I27d1204ec7dafd3b578d1261c3fd2e371ae405fb
Closes-Bug: #1942362 Change-Id: I14f56450f1bd048a0094db5c5cde0be396c3eb28
Bandit yelled at this use of urlopen but the security issue it's worried about does not apply in this case Change-Id: Id71c0ee4138b695ff19085a284ccced6b1a9dbba
Signed-off-by: Stephen Finucane <stephenfin@redhat.com> Change-Id: Ib67538ebd0f8ebbea5a700343f52655b0f7fecd4
To appease Bandit since SHA1 angers the beast, usedforsecurity=False will be bolted to the hash function Change-Id: I33bbb7070ada5509ca05c90d7a38077d38f54a1f
The most recent SQLAlchemy and Alembic versions are now in upper-constraints. As a result, this job has served its purpose and can be removed. For more information, see [1]. [1] https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/RBHXHTO3GUOOXVSZXD4C2O3TKDOH2QSC/ Signed-off-by: Stephen Finucane <stephenfin@redhat.com> Depends-on: https://review.opendev.org/c/openstack/requirements/+/879743 Change-Id: I6a0aec45a87a6ff4cd14140fb21b6be0113b700e
To appease Bandit, timeouts have to be everywhere. So here are some timeouts so Bandit stops crying. Change-Id: I2a913f3b87e16554b1bd68543fcf254cc4226031
Enable new defaults and scope checks by default As discussed in PTG, we need to test the new RBAC and accordingly enable the new defaults and scope check by default. Change-Id: I02a2b7e9296e3034d7c20656a12cbdb2cb7a3182 Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
The purpose of md5 was not specified. Veritas drivers use mds hashes which pop on bandit as security issues Putting "usedforsecurity=False" properly shows the hash function is not use for security. Change-Id: I78a5b708cd970dcb60f480d8e6a201d0768645fc
Make sure that all password options is defined with secret=True so that the given values do not appear in debug logs. Also remove the redundant default=None . Change-Id: I989e825ef160a65a5a72c58d6fd4e8099044bcd5
Bandit is yelling but these aren't used for security purposes, I think, so this will sort out Bandit Change-Id: I0e686c91ce02ea42719d00d17f6ed659e97470ac
Bandit is yelling about possible SQL injection because an SQL command is being amended, but it's being amended onto a blank string so I do not think this is a security issue. Also, Bandit is yelling about 0.0.0.0 being binded but this is intentional and will break stuff if changed. Change-Id: I3e974a2113b29af1111f27ca1afeb78091a0ec75
Backup restore is failing across the ONTAP cluster for REST client. Added the logic to use to destination vserver client for REST client to restore the backup and modify the restore lib for cmode REST client accordingly. Closes-Bug: #2059399 Change-Id: Icd7f1b52a10659ee1cfeef3accbbb725d4046a13
Replaces qnap driver's use of Python's Standard XML library methods with defusedxml's methods instead.The defusedXML protects the app from XML attacks. Instructed bandit to skip the line 86 of api.py of qnap driver. _create_unverified_context was intentionally used by developer which bandit wasn't happy about. Change-Id: I171c90a281c7b62c2601131293f9f00a926641e2
Adds a Bandit testing environment to the tox.ini file and adds a job to project.yaml Zuul CI file to run the Bandit test environment. Also includes a nosec comment to ignore a hardbinding to 0.0.0.0 in service.py Depends-On: I78a5b708cd970dcb60f480d8e6a201d0768645fc Depends-On: I27d1204ec7dafd3b578d1261c3fd2e371ae405fb Depends-On: I2a913f3b87e16554b1bd68543fcf254cc4226031 Depends-On: I46ad1a7ca723157488525ca7239cbd0ef421b975 Depends-On: Ib5404d9e165be5879f5351c3f0952648ae702b2d Depends-On: Id71c0ee4138b695ff19085a284ccced6b1a9dbba Depends-On: I33bbb7070ada5509ca05c90d7a38077d38f54a1f Depends-On: I3e974a2113b29af1111f27ca1afeb78091a0ec75 Depends-On: I0e686c91ce02ea42719d00d17f6ed659e97470ac Depends-On: I171c90a281c7b62c2601131293f9f00a926641e2 Change-Id: I8eb93cdcd5d47a6a5495ee7277c72d5f028cb412
This change introduce a new extra spec netapp:efficiency_policy where the user can specify a pre-created NetApp efficiency policy from share located share-server. During share creation, User specified efficiency policy can be applied to the FlexVol/FlexGroup volume that corresponds to the Manila Share. Blueprint: manila-netapp-efficiency-policy Change-Id: I1ebc1b8ac6d70c4f525593d0fc75aa0cae2b22bf
This patch provides the support for share server migrations between different physical networks. It is achieved by creating an inactive port binding on the target host during share server migration, and then cut it over to target host when migration completes. The implementation is driver agnostic, so this feature should be not limited to specific driver, although it is only tested against NetApp driver. The feature is enabled by a new share service option 'server_migration_extend_neutron_network'. The support for multiple binding Manila ports is added in Neutron's 2023.1 release. Closes-Bug: #2002019 Change-Id: I18d0dd1847a09f28989b1a2b62fc6ff8f8155def
This patch adds support for Share Export Locations in the Metadata Controller. Co-Authored-By: Ashley Rodriguez <ashrod98@gmail.com> Partially-implements: bp metadata-for-share-resources Change-Id: Icf096a5cbc650f02eca68d714c876eb854499b9b
The NetApp ONTAP driver now supports the SnapLock feature. New capability 'netapp_snaplock_type' has been added to the backend pool to create and schedule shares on the required WORM-supported pool. Extra spec, 'netapp_snaplock_type', can be used to create SnapLock volumes. Additionally, extra specs related to the SnapLock retention period have been introduced to set the retention period on SnapLock volumes. Implements: blueprint snaplock-support-for-manila-driver Change-Id: I73c4d027852fbfbbdab59538cbe23ba1487da0de
The line appears in the built note with heading "-|" because of too many spaces. Change-Id: I25b3f82164145e8198338df8b394de61fdddb475
"delete" was the only lock action supported when we introduced the API; but we now support "show" as well for the access rules resource. Also fix an incorrect parameter in the PUT /resource-locks method. Change-Id: Ie276d9c984586ad5b90581e46796d390f748ce1f Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
This is follow-up patch to fix the few left over comment from patch https://review.opendev.org/c/openstack/manila/+/926049 Closes-Bug: #2079967 Change-Id: I275a3680d3ea6b1b1ea69d78d4b7fecb4f61af03
Export locations of active share replicas was updated but not those of the share itself. Closes-Bug: #2017501 Change-Id: I33204657401f3eadd490fc50fedaef899dcff297
Drivers can set arbitrary key=value metadata to export paths. The share manager now checks updates to previously set metadata when drivers update this metadata with the "ensure_shares" routine. Change-Id: Ia42de608ba056d71a1deae2c59bfb43a11672ab7 Partial-Bug: #2053100
The CephFS driver used to set the "preferred" export path by sending back an export location model update; however, the "preferred" keyword is expected in the export location's metadata, not in the export location dict. Change-Id: Id2214412fe75456cdb52edb5ff261d32b063655f Closes-Bug: #2053100
Add file to the reno documentation build to show release notes for stable/2024.2. Use pbr instruction to increment the minor version number automatically so that master versions are higher than the versions on stable/2024.2. Sem-Ver: feature Change-Id: I943bfc7a42b493a44a17a5babf5b55c5279cc990
This is a follow-up change to the ensure shares APIs [1]. An additional policy check was added, but it was not needed, as it was already being performed by the decorator, so we remove it. [1] https://review.opendev.org/c/openstack/manila/+/924279 Change-Id: Iab25d5a6a3906dfdb1cb3473188edcc5fafc80d4
- Deferred deletion would be regular deletion where quota is freed before resource deletion by driver and deletion states are hidden from end-user. Also, everything will be handled by Manila or admin if any error occurs in deletion. - Any error during deferred deletion will put share/snapshot in error_deferrer_deleting state and periodic task will handle it. - count_share_group_snapshot_members_in_share() should not return share instances in deferred deletion states as those shares are hidden from end-user once deferred deleted. Only actual deletion (by driver) will make sure snapshot instance of share instance should be deleted before share instance deletion. partially-implements: bp/deferred-deletion Closes-bug: #2068043 Change-Id: Ie827619d3952d1db69559206b5dfd47efb4cf7b1
vlboiko
force-pushed
the
vastdata-driver
branch
from
38cf18a to
9f370d0
Compare
For more information about this automatic import see: https://docs.openstack.org/i18n/latest/reviewing-translation-import.html Change-Id: I81b38add53b95f46adef8b3a84a592bb7de6476d
vlboiko
force-pushed
the
vastdata-driver
branch
from
9f370d0 to
1372ea8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This driver enables use of the VastData filesystem for Manila shares. NFS vers 3 is supported
Following interfaces are supported:
Implements: bp tests_and_pep8
Change-Id: I7e8f81694183210b146d60a132a933eabd8b1eb1