Description of problem:

Currently CephBackupDriver implements backup containers as ceph pools in the backend Ceph cluster. It uses the backups pool by default, but the user can select any pool by setting the target container when creating a backup. This results in an unexpected situation where users create backups in other pools such as vms, volumes, etc., because we use the same credential, which has access to all pools.

We should restrict the pools available to cinder-backup to ensure that volume backups are created in dedicated ceph pools.

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Deploy overcloud with Ceph and cinder-backup
2. Create an empty volume
   $ openstack volume create testbackup
3. Create a backup from the volume, with a target container
   $ openstack volume backup create testbackup --container vms

Actual results:
The volume backup is created in the vms pool, which should be dedicated to ephemeral disks.

Expected results:
Cinder-backup fails to create (or rejects) the volume backup.

Additional info:
This might need to be addressed on the configuration side (to use a dedicated user with access to only backups pools), but I assigned this to openstack-cinder first to hear some thoughts from the Cinder team.
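An added example (not part of the bug report and not Cinder's or Ceph's own code): a small audit that reads Ceph OSD capability strings and reports which clients can write to pools other than the backup pool, which is the condition that lets `--container vms` succeed. The client names and cap strings are constructed samples, and the parser assumes a simplified cap grammar that covers only `allow <perms> [pool=X]` and `profile <name> [pool=X]` grants.

```python
import re

# Simplified reading of Ceph OSD cap strings (assumption: only the
# "allow <perms> [pool=X]" and "profile <name> [pool=X]" forms are handled).
GRANT_RE = re.compile(r"^(allow|profile)\s+(\S+)(.*)$")
POOL_RE = re.compile(r"\bpool=(\S+)")
WRITE_PROFILES = {"rbd"}  # "rbd-read-only" is deliberately not in this set


def writable_pools(osd_caps):
    """Return the pools a cap string allows writes to; '*' means every pool."""
    pools = set()
    for grant in (g.strip() for g in osd_caps.split(",")):
        m = GRANT_RE.match(grant)
        if not m:
            continue
        kind, what, rest = m.groups()
        if kind == "allow":
            # Only plain permission sets such as "rw", "rwx" or "*" count here;
            # forms like "class-read" are skipped.
            writes = bool(re.fullmatch(r"[rwx]+|\*", what)) and (
                "w" in what or what == "*")
        else:
            writes = what in WRITE_PROFILES
        if not writes:
            continue
        pool = POOL_RE.search(rest)
        # A grant without pool= is not restricted to any pool.
        pools.add(pool.group(1) if pool else "*")
    return pools


def audit(client_caps, allowed):
    """Map each client to the writable pools that fall outside `allowed`."""
    findings = {}
    for client, caps in client_caps.items():
        extra = writable_pools(caps) - allowed
        if extra:
            findings[client] = sorted(extra)
    return findings


# Constructed sample input; the client names are hypothetical.
SAMPLE = {
    "client.openstack": "profile rbd pool=volumes, profile rbd pool=vms, profile rbd pool=backups",
    "client.cinder-backup": "profile rbd pool=backups",
    "client.legacy": "allow rwx",
}

if __name__ == "__main__":
    for client, pools in audit(SAMPLE, {"backups"}).items():
        print(f"{client}: can write outside the backup pool -> {pools}")
```

A client that appears in the findings and is also the credential configured for cinder-backup can place backups in the listed pools; a dedicated client scoped to the backup pool produces no finding.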
The cinder squad discussed this issue, and it highlights a deficiency in cinder's current design. The plan is to bring this to the cinder community by raising it in an upcoming cinder openstack meeting. Gorka identified a couple of alternative approaches to address the problem, which he intends to summarize in an email sent to the openstack-discuss mail list.