jewel: fs: essential backports for OpenStack Manila #10453
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Allow clients to be restricted to read-only mount of the volume by restricting their ceph auth ID's MDS and OSD caps to read-only. Fixes: http://tracker.ceph.com/issues/15614 Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 011ea5e)
|
tested by ceph/ceph-qa-suite#1100 |
ajarr
changed the title
|
Test failed on missing fsync http://qa-proxy.ceph.com/teuthology/jspray-2016-07-29_05:06:54-fs:recovery-wip-manila-backports-jewel-distro-basic-mira/339326/teuthology.log Cherry picked 4356b8f to the instance of wip-manila-backports-jewel built for testing and will retest. @ajarr can you cherry-pick that commit to this PR too please? |
|
Passing with the extra 4356b8f commit here: http://pulpito.ceph.com/jspray-2016-08-01_19:41:23-fs:recovery-wip-manila-backports-jewel-distro-basic-mira/ |
The 'rw+' style flags are handy and convenient, but they don't capture all possibilities. Change to optionally accept an integer here for advance users who want to specify arbitrary combinations of flags. Signed-off-by: John Spray <john.spray@redhat.com> (cherry picked from commit 5678584)
Store a two-way mapping between auth IDs and volumes. Enables us to record some metadata on auth ids (which openstack tenant created it) so that we can avoid exposing keys to other tenants who try to use the same ceph auth id. Enables us to expose the list of which auth ids have access to a volume, so that Manila's update_access() can be implemented efficiently. DNM: see TODOs inline. Fixes: http://tracker.ceph.com/issues/15615 Signed-off-by: John Spray <john.spray@redhat.com> (cherry picked from commit d2e9eb5)
Notable changes to data layout in auth meta and volume meta files: In the auth meta files, add a 'dirty' flag to track the status of auth updates to a single volume. In the volume meta file, make the 'dirty' flag track the status of auth updates for a single ID. Optimize the recovery of partial auth update changes to auth meta, volume meta, and the Ceph backend, facilitated by changes in the data layout in the meta files. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 7c8a28a)
Check dirty flag after locking something and call recover() if we are opening something dirty (racing with another instance of the driver restarting after failure) -- only required if someone running multiple manila-share instances with Ceph loaded. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 647a244)
So we don't necessary to syncfs when want to persistent some file. Signed-off-by: Xiaoxi Chen <xiaoxchen@ebay.com> (cherry picked from commit 1c952fb)
Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 27eb51b)
Prevent craftily-named volume groups from colliding with meta files. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 7f7d2a7)
Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit f58403f)
File locks are applied on meta files before updating the meta file contents. These meta files would need to be cleaned up sometime, which could lead to locks being held on unlinked meta files. Prevent this by checking whether the file had been deleted after lock was acquired on it. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit f7c0372)
Create and delete volume meta files during creation and deletion of volumes. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 37fbfc7)
Log the path of the volume during creation and deletion of volumes. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 7731287)
Remove auth meta files on last rule for an auth ID deletion Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit ec2e6e3)
Restrict an auth ID to a single OpenStack tenant to enforce strong tenant isolation of shares. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 82445a2)
Add class attributes to CephFSVolumeClient to version its capabilities. 'version' attribute stores the current version number of CephFSVolumeClient. 'compat_version' attribute stores the earliest version number of CephFSVolumeClient that the current version is compatible with. Fixes: http://tracker.ceph.com/issues/15406 Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 46876fb)
Version on-disk metadata with two attributes, 'compat version', the minimum CephFSVolume Client version that can decode the metadata, and 'version', the version that encoded the metadata. Signed-off-by: Ramana Raja <rraja@redhat.com> (cherry picked from commit 1c1d65a)
ajarr
force-pushed
the
wip-manila-backports-jewel
branch
from
fa2e94d
to
e1eb8af
Compare
ghost
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ceph_volume_client: allow read-only authorization for volumes
Fixes: http://tracker.ceph.com/issues/15999
pybind: ceph_volume_client authentication metadata
Fixes: http://tracker.ceph.com/issues/16830
ceph_volume_client: add versioning
Fixes: http://tracker.ceph.com/issues/16831