Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2184834

Summary: [17.1] Multiattach volumes should be created by volume type only
Product: Red Hat OpenStack
Component: openstack-cinder
Reporter: Brian Rosmaita <brian.rosmaita>
Assignee: Rajat Dhasmana <rdhasman>
QA Contact: Yosi Ben Shimon <ybenshim>
Docs Contact: Ian Frangs <ifrangs>
CC: astillma, brian.rosmaita, eharney, eshames, ifrangs, jhardee, ltoscano, mariel, mkopec, pgrist, rdhasman, yrabl
Status: CLOSED ERRATA
Severity: medium
Priority: high
Version: 17.1 (Wallaby)
Target Milestone: z1
Target Release: 17.1
Keywords: Triaged
Hardware: Unspecified
OS: Unspecified
Fixed In Version: openstack-cinder-18.2.2-1.20230518161043.el9ost
Doc Type: Bug Fix
Doc Text:
Before this update, the Block Storage API supported creating a multi-attach volume by passing a parameter in the volume-create request, even though this method of creating a multi-attach volume had been deprecated for removal because it is unsafe and can lead to data loss when a multi-attach volume is created on a back end that does not support multi-attach volumes. The `openstack` and `cinder` CLIs only supported creating a multi-attach volume by using a multi-attach volume type. With this update, the Block Storage API only supports creating a multi-attach volume by using a multi-attach volume type. Therefore, some Block Storage API requests that used to work will be rejected with a 400 (Bad Request) response code and an informative error message.
Clone Of: 2175217
Last Closed: 2023-09-20 00:29:44 UTC
Bug Depends On: 2184840
Bug Blocks: 2175217

Description Brian Rosmaita 2023-04-05 21:55:23 UTC
+++ This bug was initially created as a clone of Bug #2175217 +++

Description of problem:
The multiattach functionality is restricted to a multiattach volume type that must be created by an admin. A cinder API bug allows non-admin users to create multiattach volumes without the multiattach volume type, which can corrupt their data.

How reproducible:
Make a volume-create request directly to the Block Storage API v3 (don't use the cinderclient or openstackclient) and include '"multiattach": true' in the request body.

Expected results:
Request should be rejected with an HTTP 400 (Bad Request) response.

Actual results:
Volume creation succeeds and the volume-show response indicates that the volume can be multiattached.  User can accidentally corrupt data by creating a multiattach volume without the correct volume type.


Additional info:

https://bugs.launchpad.net/cinder/+bug/2008259

Comment 6 Brian Rosmaita 2023-07-18 13:03:04 UTC
https://issues.redhat.com/browse/OSP-26512 is showing this as approved for z1 (though the exception flag hasn't been updated to exception+ on this BZ).

Comment 15 Rajat Dhasmana 2023-08-17 14:31:02 UTC
Hi,

Following are the steps to test the "old" behavior that allowed creating volumes with the "multiattach" parameter, which is blocked now by the API.

1. Issue a keystone token

$ openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2023-08-17T15:22:54+0000                                                                                                                                                                |
| id         | <token ID>                                                                                                                                                                              |
| project_id | 94731cadb0604f95b227b6b28052155c                                                                                                                                                        |
| user_id    | 7c4037b7cf97412288c2d65239981bad                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

2. Do a curl request to volume create with "multiattach": "true" parameter in the request body
NOTE: Make sure to replace the token ID in the request (-H "X-Auth-Token: <token ID>") with the token ID generated above

$ curl -g -i -X POST http://127.0.0.1/volume/v3/94731cadb0604f95b227b6b28052155c/volumes -H "Accept: application/json" -H "Content-Type: application/json" -H "OpenStack-API-Version: volume 3.70" -H "User-Agent: python-cinderclient" -H "X-Auth-Token: gAAAAABk3i0-JyXOaU5cMo6Mvg8W-FvLRJWvD9Yr4TQSoyU2pHo8gJ87i0aHwyx21U8RKG_yBRy9QSfaeOOs83DBJYGdtrVLjER9oaWUVQk-8qYEqiNIdL6YGJ_zyBqzf4_glUhlevshCvfgKSeafUuHbJ2Dy8kqQmAaJHVg8ZsTL8QNap9Ufk0" -d '{"volume": {"size": 1, "consistencygroup_id": null, "snapshot_id": null, "name": null, "description": null, "volume_type": null, "availability_zone": null, "metadata": {}, "imageRef": null, "source_volid": null, "backup_id": null, "multiattach": "true"}}'
HTTP/1.1 400 Bad Request
Date: Thu, 17 Aug 2023 14:24:05 GMT
Server: Apache/2.4.52 (Ubuntu)
OpenStack-API-Version: volume 3.70
Vary: OpenStack-API-Version
Content-Length: 261
Content-Type: application/json
x-compute-request-id: req-3c66d8d2-4039-4f4c-8a1d-7e7a5cc8529a
x-openstack-request-id: req-3c66d8d2-4039-4f4c-8a1d-7e7a5cc8529a
Connection: close

{"badRequest": {"code": 400, "message": "multiattach parameter has been removed. The default behavior is to use multiattach enabled volume types. Contact your administrator to create a multiattach enabled volume type and use it to create multiattach volumes."}}

3. Confirm that it fails with a BadRequest (HTTP 400) with the following message

multiattach parameter has been removed. The default behavior is to use multiattach enabled volume types. Contact your administrator to create a multiattach enabled volume type and use it to create multiattach volumes.

Thanks
Rajat Dhasmana

Comment 19 Luigi Toscano 2023-09-04 16:15:06 UTC
I've used the instructions provided in comment 15 to create a small negative tempest test which performs the same steps and which can be used to test this (whether accepted or not): https://review.opendev.org/c/openstack/tempest/+/893676

Comment 20 Yosi Ben Shimon 2023-09-06 11:38:34 UTC
Tested on 17.1 (openstack-cinder-18.2.2-1.20230518161044.el9ost.noarch) according to the steps in comment #15.

- Issued a keystone token.
- Curl request:

(overcloud) [stack@undercloud-0 ~]$ curl -g -i -X POST http://10.0.0.114:8776/v3/67254ec38aa34a26b7a7bd6bfad0126c/volumes -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-cinderclient" -H "X-Auth-Token: <token_id>" -d '{"volume": {"size": 1, "consistencygroup_id": null, "snapshot_id": null, "name": "vol-1", "description": null, "volume_type": null, "availability_zone": null, "metadata": {}, "imageRef": null, "source_volid": null, "backup_id": null, "multiattach": "true"}}'
HTTP/1.1 400 Bad Request
date: Wed, 06 Sep 2023 11:00:50 GMT
server: Apache
content-length: 261
openstack-api-version: volume 3.0
vary: OpenStack-API-Version
x-compute-request-id: req-c2a1f27e-b130-4b07-8445-79e938e490eb
x-openstack-request-id: req-c2a1f27e-b130-4b07-8445-79e938e490eb
content-type: application/json

{"badRequest": {"code": 400, "message": "multiattach parameter has been removed. The default behavior is to use multiattach enabled volume types. Contact your administrator to create a multiattach enabled volume type and use it to create multiattach volumes."}}

* Did the same without the "multiattach" parameter and the volume was created successfully.
* Did the same without the "multiattach" parameter and specified "volume_type" (multiattach) and the volume was created successfully with multiattach=True.

Moving to VERIFIED
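
The three checks from comment 20 as a reusable regression check. This is an added example, not part of the original bug report and not cinder or tempest code. The names `create_body`, `check_api`, `stub_api` and the type name `multiattach-type` are hypothetical, and the stub endpoint and its 202 status are constructed so the check runs offline.

```python
import json

# Leading part of the error message quoted in comments 15 and 20.
REMOVED_MSG = "multiattach parameter has been removed"

def create_body(multiattach=None, volume_type=None):
    """Volume-create body as in the curl requests, trimmed to the relevant keys."""
    vol = {"size": 1, "name": "vol-1", "volume_type": volume_type}
    if multiattach is not None:
        vol["multiattach"] = multiattach
    return {"volume": vol}

def check_api(send, multiattach_type):
    """Run the three cases; send(body) must return (http_status, response_text)."""
    results = {}
    # Case 1: the removed request parameter must be rejected with 400.
    status, text = send(create_body(multiattach="true"))
    msg = json.loads(text).get("badRequest", {}).get("message", "")
    results["param_rejected"] = status == 400 and REMOVED_MSG in msg
    # Case 2: a plain create still succeeds and is not multiattach.
    status, text = send(create_body())
    vol = json.loads(text).get("volume", {})
    results["plain_create_ok"] = 200 <= status < 300 and not vol.get("multiattach")
    # Case 3: the multiattach volume type is the only way to get multiattach.
    status, text = send(create_body(volume_type=multiattach_type))
    vol = json.loads(text).get("volume", {})
    results["type_create_multiattach"] = (
        200 <= status < 300 and vol.get("multiattach") is True)
    return results

def stub_api(fixed, multiattach_types=("multiattach-type",)):
    """Constructed stand-in for the endpoint; fixed=False models the pre-fix API."""
    def send(body):
        vol = body["volume"]
        by_type = vol.get("volume_type") in multiattach_types
        if "multiattach" in vol:
            if fixed:
                err = {"badRequest": {"code": 400, "message": REMOVED_MSG + "."}}
                return 400, json.dumps(err)
            by_param = str(vol["multiattach"]).lower() == "true"
            return 202, json.dumps({"volume": {"multiattach": by_param or by_type}})
        return 202, json.dumps({"volume": {"multiattach": by_type}})
    return send

if __name__ == "__main__":
    for label, fixed in (("pre-fix", False), ("fixed", True)):
        print(label, check_api(stub_api(fixed), "multiattach-type"))
```

To run it against a deployment, pass a `send` callable that POSTs the body to the volumes URL with a valid `X-Auth-Token` header, as in the curl requests in comments 15 and 20.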

Comment 26 errata-xmlrpc 2023-09-20 00:29:44 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory (Release of components for Red Hat OpenStack Platform 17.1.1 (Wallaby)), and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:5138