Bug 1918077

Summary: Volume backups can be created in any Ceph pools like vms
Product: Red Hat OpenStack
Reporter: Takashi Kajinami <tkajinam>
Component: openstack-cinder
Assignee: Cinder Bugs List <cinder-bugs>
Status: NEW
QA Contact: Evelina Shames <eshames>
Severity: medium
Docs Contact: Andy Stillman <astillma>
Priority: medium
Version: 16.1 (Train)
CC: abishop, mvalsecc
Keywords: Triaged
Hardware: Unspecified
OS: Unspecified
Type: Bug

Description Takashi Kajinami 2021-01-20 01:14:16 UTC
Description of problem:

Currently CephBackupDriver implements backup containers as Ceph pools in the backend Ceph cluster.
It uses the backups pool by default, but a user can select any pool by setting the target container when creating a backup.
This results in an unexpected situation where users create backups in any other pools like vms, volumes, etc., because we use the same credential, which has access to all pools.
We should restrict the pools available to cinder-backup to ensure that volume backups are created in dedicated Ceph pools.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Deploy overcloud with Ceph and cinder-backup

2. Create an empty volume
 $ openstack volume create testbackup

3. Create a backup from the volume, with a target container
 $ openstack volume backup create testbackup --container vms

Actual results:
The volume backup is created in the vms pool, which should be dedicated to ephemeral disks.

Expected results:
Cinder-backup fails to create (or rejects) the volume backup.


Additional info:

Comment 1 Takashi Kajinami 2021-01-20 01:16:21 UTC
This might need to be addressed on the configuration side (to use a dedicated user with access to only the backups pools),
but I assigned this to openstack-cinder first to hear some thoughts from the Cinder team.

Comment 2 Alan Bishop 2021-01-28 15:57:57 UTC
The cinder squad discussed this issue, and it highlights a deficiency in cinder's current design. The plan is to bring this to the cinder community by raising it in an upcoming cinder openstack meeting. Gorka identified a couple of alternative approaches to address the problem, which he intends to summarize in an email sent to the openstack-discuss mail list.
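
A way to check the configuration-side idea from Comment 1, as an added example (not code from cinder or from this bug): a small audit that parses Ceph OSD capability strings and reports which client keys can write to pools other than the backups pool. The entity names and caps strings are constructed samples, and the parser assumes only the common `allow <perms> pool=<name>` and `profile <name> pool=<name>` grant forms.

```python
import re

# Constructed sample: entity -> OSD caps string, in the form `ceph auth ls` prints.
SAMPLE_CAPS = {
    "client.shared": "profile rbd pool=volumes, profile rbd pool=backups, "
                     "profile rbd pool=vms, profile rbd pool=images",
    "client.backup-only": "profile rbd pool=backups",
    "client.legacy": "allow rwx",
}

GRANT = re.compile(r"^(allow|profile)\s+(\S+)(?:\s+(.*))?$")
POOL = re.compile(r"\bpool[= ]\s*([\w.-]+)")


def writable_pools(osd_caps):
    """Return the pools a caps string can write to; None means every pool."""
    pools = set()
    for grant in filter(None, (g.strip() for g in osd_caps.split(","))):
        m = GRANT.match(grant)
        if not m:
            raise ValueError(f"unrecognised grant: {grant!r}")
        kind, what, rest = m.group(1), m.group(2), m.group(3) or ""
        if kind == "allow":
            can_write = "*" in what or "w" in what
        else:
            # Conservative: any profile except the read-only one may write.
            can_write = what != "rbd-read-only"
        if not can_write:
            continue
        pool = POOL.search(rest)
        if pool is None:
            return None  # write grant with no pool restriction
        pools.add(pool.group(1))
    return pools


def audit(entity_caps, allowed=frozenset({"backups"})):
    """Map each entity to the pools it can write outside `allowed` ('*' = all)."""
    findings = {}
    for entity, caps in entity_caps.items():
        pools = writable_pools(caps)
        extra = {"*"} if pools is None else pools - allowed
        if extra:
            findings[entity] = sorted(extra)
    return findings


if __name__ == "__main__":
    for entity, extra in audit(SAMPLE_CAPS).items():
        print(f"{entity}: can write outside backups pool -> {', '.join(extra)}")
```

A key used by cinder-backup that appears in the findings can still place a backup in whatever pool the `--container` argument names.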