Bug 1489127
| Summary: | Cinder backup uses os_brick to create a nfs share for backup and fails creating subdirectories | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | David Vallee Delisle <dvd> | ||||
| Component: | openstack-cinder | Assignee: | Eric Harney <eharney> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Avi Avraham <aavraham> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 10.0 (Newton) | CC: | aavraham, abishop, amcleod, coldford, dmaley, dvd, eharney, geguileo, jzaher, mmethot, pdeore, pgrist, scohen, srevivo, tshefi | ||||
| Target Milestone: | z9 | Keywords: | Triaged, ZStream | ||||
| Target Release: | 10.0 (Newton) | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | openstack-cinder-9.1.4-34.el7ost | Doc Type: | Bug Fix | ||||
| Doc Text: |
Previously, the Cinder Backup service NFS backend assumed that the NFS server has been configured to allow the Backup service to create files and directories on the server. The Backup service runs as a non-privileged 'cinder' user, requiring file permissions and ownership on the server to be set correctly. This caused backups to fail if the NFS server was not configured to allow the 'cinder' user to create files and directories.
With this update, when initializing the NFS backend, the Backup service checks whether the server permissions and directory ownership are correct. The permissions and directory ownership are updated automatically to ensure the Backup service operates correctly.
|
Story Points: | --- | ||||
| Clone Of: | |||||||
| : | 1566071 1566091 (view as bug list) | Environment: | |||||
| Last Closed: | 2018-09-17 16:57:43 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 1566071, 1566091 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
Patch has been backported upstream to Pike, next effort is to propose the patch to driverfixes/ocata and driverfixes/newton. Then we can backport to OSP releases. Verified on: openstack-cinder-9.1.4-40.el7ost.noarch Created a volume, in my case from an image to add some data. #cinder create 2 --image-id cad7c940-27e4-418c-83de-4490986eb59a --name cirrosvol Configure Cinder backup with nfs, restart cinder backup service Backup the new volume cinder backup-create beebd668-2410-4602-9030-2a6f1937150f +-----------+--------------------------------------+ | Property | Value | +-----------+--------------------------------------+ | id | 489b141c-dcf6-4452-940e-07618849c4c5 | | name | None | | volume_id | beebd668-2410-4602-9030-2a6f1937150f | +-----------+--------------------------------------+ Backup available -> cinder backup-list +--------------------------------------+--------------------------------------+-----------+------+------+--------------+--------------------------------------------+ | ID | Volume ID | Status | Name | Size | Object Count | Container | +--------------------------------------+--------------------------------------+-----------+------+------+--------------+--------------------------------------------+ | 489b141c-dcf6-4452-940e-07618849c4c5 | beebd668-2410-4602-9030-2a6f1937150f | available | - | 2 | 3 | 48/9b/489b141c-dcf6-4452-940e-07618849c4c5 | +--------------------------------------+--------------------------------------+-----------+------+------+--------------+--------------------------------------------+ Check controller where backup service is running look for mount, or on nfs server itself, notice a new folder was created. Before backup folder is empty -> [root@cougar11 ins_backup]# ll total 0 After backup is imitated we see a new folder created with cinder:cinder [root@cougar11 ins_backup]# ll total 0 drwxr-xr-x. 3 cinder cinder 16 אוג 7 15:30 48 Works as expected. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:2717 |
Created attachment 1322773 [details] cinder.log Description of problem: Cinder backup uses os_brick to create a nfs share mount point as root and fails creating subdirectories later on as cinder-backup is running as cinder and tries to create a sub directory as cinder. Version-Release number of selected component (if applicable): How reproducible: All the time Steps to Reproduce: 1. Take a volume backup with a NFS backend Actual results: We get a permission denied Expected results: Additional info: def _init_backup_repo_path(self): remotefsclient = remotefs_brick.RemoteFsClient( 'nfs', utils.get_root_helper(), nfs_mount_point_base=self.backup_mount_point_base, nfs_mount_options=self.mount_options) remotefsclient.mount(self.backup_share) LOG.info("Mount point: %s", remotefsclient.get_mount_point(self.backup_share)) (out, err) = utils.execute('chown', 'cinder.cinder', remotefsclient.get_mount_point(self.backup_share), run_as_root=True) LOG.info("Result: %s %s", out, err) return remotefsclient.get_mount_point(self.backup_share