Bug 1465964 - [RFE] Option to set different default volume type for new cinder volumes in various tenants
[RFE] Option to set different default volume type for new cinder volumes in v...
Status: NEW
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-cinder (Show other bugs)
8.0 (Liberty)
Unspecified Unspecified
medium Severity medium
: Upstream M2
: ---
Assigned To: Gorka Eguileor
Avi Avraham
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-28 10:22 EDT by Ondrej
Modified: 2018-06-23 22:12 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
scohen: needinfo+


Attachments (Terms of Use)

  None (edit)
Description Ondrej 2017-06-28 10:22:41 EDT
Description of problem:
The possibility to set different default_volume_type for different tenants.

Customer has DCs in various geos separated in different tenants and also has  separated the storage DCs by geos in three cinder pacemaker clusters of three nodes, one for each Cinder Availability Zone.


Currently a volume_type where the tenant has access to can be set in cli or horizon while creating a volume and create volumes accordingly.

But when creating a volume and volume_type is left blank, the volume is created by default_volume_type which is also left blank and is created under volume-type where the tenant should not even have access to.

This also means volume is created and shared from different(distant) cinder AZ.


Example:
[osp](ES_admin_LAB)$ cinder service-list
+------------------+---------------------+------------+---------+-------+----------------------------+-----------------+
| Binary           | Host                | Zone       | Status  | State | Updated_at                 | Disabled Reason |
+------------------+---------------------+------------+---------+-------+----------------------------+-----------------+
| cinder-backup    | cvs1lci-az1         | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:28.000000 | -               |
| cinder-backup    | cvs1lci-az2         | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:25.000000 | -               |
| cinder-backup    | cvs1lci-az3         | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:27.000000 | -               |
| cinder-scheduler | cvs1lci-az1         | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:22.000000 | -               |
| cinder-scheduler | cvs1lci-az2         | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:29.000000 | -               |
| cinder-scheduler | cvs1lci-az3         | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:31.000000 | -               |
| cinder-volume    | cvs1lci-az1@ALL_STD | TC_LAB-I-1 | enabled | down  | -                          | -               |
| cinder-volume    | cvs1lci-az1@ES_ADV  | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:28.000000 | -               |
| cinder-volume    | cvs1lci-az1@ES_STD  | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:28.000000 | -               |
| cinder-volume    | cvs1lci-az1@PT_ADV  | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:28.000000 | -               |
| cinder-volume    | cvs1lci-az1@PT_STD  | TC_LAB-I-1 | enabled | up    | 2017-06-26T11:50:28.000000 | -               |
| cinder-volume    | cvs1lci-az2@ALL_STD | TC_LAB-I-2 | enabled | down  | -                          | -               |
| cinder-volume    | cvs1lci-az2@ES_ADV  | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:25.000000 | -               |
| cinder-volume    | cvs1lci-az2@ES_STD  | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:25.000000 | -               |
| cinder-volume    | cvs1lci-az2@PT_ADV  | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:25.000000 | -               |
| cinder-volume    | cvs1lci-az2@PT_STD  | TC_LAB-I-2 | enabled | up    | 2017-06-26T11:50:25.000000 | -               |
| cinder-volume    | cvs1lci-az3@ALL_STD | TC_LAB-I-3 | enabled | down  | -                          | -               |
| cinder-volume    | cvs1lci-az3@ES_ADV  | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:26.000000 | -               |
| cinder-volume    | cvs1lci-az3@ES_STD  | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:27.000000 | -               |
| cinder-volume    | cvs1lci-az3@PT_ADV  | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:26.000000 | -               |
| cinder-volume    | cvs1lci-az3@PT_STD  | TC_LAB-I-3 | enabled | up    | 2017-06-26T11:50:26.000000 | -               |
+------------------+---------------------+------------+---------+-------+----------------------------+-----------------+

[osp](ES_admin_LAB)$ cinder type-list
+--------------------------------------+---------------+-------------+-----------+
| ID                                   | Name          | Description | Is_Public |
+--------------------------------------+---------------+-------------+-----------+
| 4e4a2823-2538-4cd2-be49-d19029414826 | vtype-PT_STD  | -           | False     |
| 6106281f-9eaf-4332-8a06-4d096756629c | vtype-ES_ADV  | -           | False     |
| 8f4c6da2-d290-4d9c-b8f2-1168bcf4732b | vtype-PT_ADV  | -           | False     |
| c2ddd91d-9c5b-4ef3-96ee-68e321109177 | vtype-ES_STD  | -           | False     |
| c845902e-3021-4f9b-abc8-193c6c856ec6 | vtype-ALL_STD | -           | True      |
+--------------------------------------+---------------+-------------+-----------+

[osp](ES_admin_LAB)$ cinder extra-specs-list
+--------------------------------------+---------------+-----------------------------------+
| ID                                   | Name          | extra_specs                       |
+--------------------------------------+---------------+-----------------------------------+
| 4e4a2823-2538-4cd2-be49-d19029414826 | vtype-PT_STD  | {'volume_backend_name': 'PT_STD'} |
| 6106281f-9eaf-4332-8a06-4d096756629c | vtype-ES_ADV  | {'volume_backend_name': 'ES_ADV'} |
| 8f4c6da2-d290-4d9c-b8f2-1168bcf4732b | vtype-PT_ADV  | {'volume_backend_name': 'PT_ADV'} |
| c2ddd91d-9c5b-4ef3-96ee-68e321109177 | vtype-ES_STD  | {'volume_backend_name': 'ES_STD'} |
| c845902e-3021-4f9b-abc8-193c6c856ec6 | vtype-ALL_STD | {'netapp:Prueba_VTYPES': None}    |
+--------------------------------------+---------------+-----------------------------------+

Projects 
23bddb70198b42fbb8cc48c00ef0aa1e  iaas-es-poc-01  
621f1bb5601c4de0a121093b6f2896bd  admin
6233f4dd50304c809e147226134166b0  iaas-es-dev-01
7a9d80187be44fde950308bdc50f372e  Automate
85e9dc5e7ca24603849715ee0af35cf6  cloudpulse
8cda6858a6114dc08446a9f767fb1e11  benchmarking
9dfd82aa4c6a4f65b71742133f0981f2  services
d796c8573b3f44b1b607c5a16e4a590d  Compute
fa22d454f1584d5cb9ae42eca258da50  iaas-es-dev-02


[osp](ES_admin_LAB)$ cinder type-access-list --volume-type 4e4a2823-2538-4cd2-be49-d19029414826
+--------------------------------------+----------------------------------+
| Volume_type_ID                       | Project_ID                       |
+--------------------------------------+----------------------------------+
| 4e4a2823-2538-4cd2-be49-d19029414826 | 23bddb70198b42fbb8cc48c00ef0aa1e |
| 4e4a2823-2538-4cd2-be49-d19029414826 | 621f1bb5601c4de0a121093b6f2896bd |
| 4e4a2823-2538-4cd2-be49-d19029414826 | 85e9dc5e7ca24603849715ee0af35cf6 |
| 4e4a2823-2538-4cd2-be49-d19029414826 | 8cda6858a6114dc08446a9f767fb1e11 |
| 4e4a2823-2538-4cd2-be49-d19029414826 | 9dfd82aa4c6a4f65b71742133f0981f2 |
| 4e4a2823-2538-4cd2-be49-d19029414826 | fa22d454f1584d5cb9ae42eca258da50 |
+--------------------------------------+----------------------------------+

[root@cvs1lco01 ~(keystone_admin)]# df -h | grep cinder
/dev/mapper/APLIvg-lv_cinder_logs          10G  105M  9.9G   2% /var/log/cinder
20.48.22.31:/VES1T0Z1_ES_CLOUD_cinderIMG   18G   18M   18G   1% /var/lib/cinder/conversion
20.48.22.32:/VES1T0Z1_ES_CLOUD_bkp1       922G   88M  922G   1% /var/lib/cinder/backup_mount/a8de15e3a2d7786a2db0bae7146b0f18
20.48.22.32:/VES1T0Z1_ES_CLOUD_cinder2    1.9T  3.2G  1.8T   1% /var/lib/cinder/mnt/6e9dbd01c2fbae27fccf24fa0c058f6e
20.48.22.52:/VPT1T0Z1_PT_CLOUD_cinder1    1.9T  1.7G  1.8T   1% /var/lib/cinder/mnt/6339a85806d43625e678ddc8d6acfd22
20.48.22.31:/VES1T0Z1_ES_CLOUD_cinder1    1.9T  1.7G  1.8T   1% /var/lib/cinder/mnt/eaa72f0be11dea1251be5ed325f3ada2
20.48.22.54:/VPT1T0Z1_PT_CLOUD_cinder2    1.7T  1.4M  1.7T   1% /var/lib/cinder/mnt/b4a791c3631830ab0dd425d3a5dfb49c

[root@cvs1lco01 ~(keystone_admin)]# cat /etc/cinder/ES_ADV.shares
# Ansible managed
20.48.22.32:/VES1T0Z1_ES_CLOUD_cinder2

[root@cvs1lco01 ~(keystone_admin)]# cat /etc/cinder/PT_STD.shares
# Ansible managed
20.48.22.52:/VPT1T0Z1_PT_CLOUD_cinder1


From compute user:
[osp][(ES_compute_lab)$ cinder type-list
+--------------------------------------+---------------+-------------+-----------+
| ID                                   | Name          | Description | Is_Public |
+--------------------------------------+---------------+-------------+-----------+
| 6106281f-9eaf-4332-8a06-4d096756629c | vtype-ES_ADV  | -           | False     |
| c2ddd91d-9c5b-4ef3-96ee-68e321109177 | vtype-ES_STD  | -           | False     |
| c845902e-3021-4f9b-abc8-193c6c856ec6 | vtype-ALL_STD | -           | True      |
+--------------------------------------+---------------+-------------+-----------+

[osp][(ES_compute_lab)$ openstack volume create --availability-zone TC_LAB-I-1 --size 3 --type vtype-ES_ADV vol-priv-01
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| attachments         | []                                   |
| availability_zone   | TC_LAB-I-1                           |
| bootable            | false                                |
| consistencygroup_id | None                                 |
| created_at          | 2017-06-26T12:04:53.608402           |
| description         | None                                 |
| encrypted           | False                                |
| id                  | 9ada4abc-8999-407c-97de-56f10ea9b9f6 |
| multiattach         | False                                |
| name                | vol-priv-01                          |
| properties          |                                      |
| replication_status  | disabled                             |
| size                | 3                                    |
| snapshot_id         | None                                 |
| source_volid        | None                                 |
| status              | creating                             |
| type                | vtype-ES_ADV                         |
| user_id             | a79f72aff03b47c4ab62942b306dd536     |
+---------------------+--------------------------------------+

[root@cvs1lco01 ~(keystone_admin)]# ll /var/lib/cinder/mnt/6e9dbd01c2fbae27fccf24fa0c058f6e/volume-9ada4abc-8999-407c-97de-56f10ea9b9f6
-rw-rw-rw-. 1 root root 3221225472 Jun 26 14:04 /var/lib/cinder/mnt/6e9dbd01c2fbae27fccf24fa0c058f6e/volume-9ada4abc-8999-407c-97de-56f10ea9b9f6


[osp][(ES_compute_lab)$ openstack volume create --availability-zone TC_LAB-I-1 --size 3 vol-priv-02
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| attachments         | []                                   |
| availability_zone   | TC_LAB-I-1                           |
| bootable            | false                                |
| consistencygroup_id | None                                 |
| created_at          | 2017-06-26T12:07:31.786396           |
| description         | None                                 |
| encrypted           | False                                |
| id                  | d5d7fa13-7eea-458b-ace5-f24738d4386f |
| multiattach         | False                                |
| name                | vol-priv-02                          |
| properties          |                                      |
| replication_status  | disabled                             |
| size                | 3                                    |
| snapshot_id         | None                                 |
| source_volid        | None                                 |
| status              | creating                             |
| type                | None                                 |
| user_id             | a79f72aff03b47c4ab62942b306dd536     |
+---------------------+--------------------------------------+

[root@cvs1lco01 ~(keystone_admin)]# ll /var/lib/cinder/mnt/6339a85806d43625e678ddc8d6acfd22/volume-d5d7fa13-7eea-458b-ace5-f24738d4386f
-rw-rw-rw-. 1 root root 3221225472 Jun 26 14:07 /var/lib/cinder/mnt/6339a85806d43625e678ddc8d6acfd22/volume-d5d7fa13-7eea-458b-ace5-f24738d4386f


For example the people of iaas-es-poc-01 project, only should be access to vtype-PT_STD and vtype-PT_ADV, and the people of Compute project, only should be access to vtype-ES_STD and vtype-ES_ADV.

The problem is that if no vtype is chosen, the volume is created like type = None, in the share of vtype-PT_STD. If no vtype is defined, cinder choose in which share will be created, but should be created in one of the shares of the vtypes that tenant has access to (vtype-ES_STD and vtype-ES_ADV), not in the share of vtype-PT_STD.

There's no "default_volume_type" defined. This is because if "vtype-ES_STD" is selected for instance, all works for Spain projects, but when the people of Peru, Chile, Portugal create a default volume they will use the shares of Spain.


Version-Release number of selected component (if applicable):
penstack-cinder-7.0.3-1.el7ost.noarch                      Wed Apr 19 09:41:48 2017
python-cinder-7.0.3-1.el7ost.noarch                         Wed Apr 19 09:40:44 2017
python-cinderclient-1.5.0-1.el7ost.noarch                   Wed Apr 19 09:40:23 2017

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:
volume is created outside of volume-types available to the tenant

Expected results:
volume is created only in volume-types available to the tenant

Additional info:
Comment 1 Paul Grist 2017-07-19 09:57:38 EDT
We need to evaluate the this one.  If existing functionality in OSP8 doesn't address it would have to a new feature in a future cinder release.

Note You need to log in before you can comment on or make changes to this bug.