Bug 1905973
| Summary: | LVM filter only runs if at least 1 item is passed in the Allowlist | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Tzach Shefi <tshefi> |
| Component: | tripleo-ansible | Assignee: | Giulio Fidente <gfidente> |
| Status: | CLOSED ERRATA | QA Contact: | Tzach Shefi <tshefi> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 16.1 (Train) | CC: | gfidente, mburns, tvignaud |
| Target Milestone: | z6 | Keywords: | Triaged |
| Target Release: | 16.1 (Train on RHEL 8.2) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | tripleo-ansible-0.5.1-1.20201114030849.el8ost | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-26 11:43:47 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Verified on:
tripleo-ansible-0.5.1-1.20210323173503.902c3c8.el8ost.noarch
Deployed an overcloud with this yaml;
(undercloud) [stack@undercloud-0 ~]$ cat virt/extra_templates.yaml
parameter_defaults:
ComputeParameters:
LVMFilterEnabled: true
LVMFilterDenylist:
- /dev/sdb
The resulting filtering was added on compute node's lvm.conf:
[root@compute-0 ~]# grep -i filter /etc/lvm/lvm.conf
# Configuration option devices/global_filter.
# Because devices/filter may be overridden from the command line, it is
# not suitable for system-wide device filtering, e.g. udev.
# Use global_filter to hide devices from these LVM system components.
# The syntax is the same as devices/filter. Devices rejected by
# global_filter are not opened by LVM.
global_filter=["","r|/dev/sdb|"] ------------> filtering line added, using a deny only list, good to verify.
# is used to drive LVM filtering like MD component detection, multipath
# This is a quick way of filtering out block devices that are not
# the LVs with device filters. Also, when this setting is enabled,
# filtered), which can cause performance problems on systems with
# an LV. The LVs are ignored using a built in device filter that
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Red Hat OpenStack Platform 16.1.6 (tripleo-ansible) security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2119 |
Description of problem: When we use THT to set LVM filtering it fails to work. The LVM filter, when enabled, should be configured if any item in either allow *or* deny lists is set; currently it only runs if at least 1 item is in the allow list Version-Release number of selected component (if applicable): openstack-tripleo-heat-templates-11.3.2-1.20200914170176.el8ost.noarch tripleo-ansible-0.5.1-1.20200914163930.el8ost.noarch How reproducible: every time Steps to Reproduce: 1. Deploy and overcloud with say this example tht $ cat ~/environment.yaml parameter_defaults: ComputeParameters: LVMFilterEnabled: true LVMFilterDenylist: - /dev/sdb 2. check compute node's lvm.conf 3. If we redeploy with say: $ cat ~/environment.yaml --- parameter_defaults: ComputeParameters: LVMFilterEnabled: true LVMFilterAllowlist: - /dev/vda Filtering works (I hope) awaiting results. Actual results: No filtering is added on lvm.conf Expected results: Filtring should be added. Additional info: Ran into this here: https://bugzilla.redhat.com/show_bug.cgi?id=1261083#c137