2196927 – Document the need to configure recheck_wwid setting in multipath.conf

Bug 2196927 - Document the need to configure recheck_wwid setting in multipath.conf

Summary: Document the need to configure recheck_wwid setting in multipath.conf

Keywords:
Status:	CLOSED DUPLICATE of bug 2196924
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	documentation
Sub Component:
Version:	16.1 (Train)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	RHOS Documentation Team
QA Contact:	RHOS Documentation Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-05-10 19:40 UTC by Alan Bishop
Modified:	2023-05-10 19:43 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-05-10 19:43:50 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	OSP-25002	0	None	None	None	2023-05-10 19:41:49 UTC

Description Alan Bishop 2023-05-10 19:40:52 UTC

CVE-2023-2088 describes a security vulnerability related to cinder volume connections. As documented in the upstream bug [1], it's recommended that multipathd be configured with recheck_wwid enabled.

In OSP-16.1, multipath is configured manually per Section 2.5 of the Storage Guide [2], and there are instructions for patching multipath.conf in order to set the skip_kpartx setting to "yes" ([3],[4]). Additional steps should be added to configure the recheck_wwid in a similar fashion (it should be set to "yes").

[1] https://bugs.launchpad.net/nova/+bug/2004555/comments/38
[2] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html-single/storage_guide/index#multipath-configuration
[3] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html-single/storage_guide/index#configure-multipath-on-new-deployments Step 8.
[4] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html-single/storage_guide/index#configure-multipath-on-existing-deployments Step 3.

Additional info:

This is not relevant in OSP-13 because the recheck_wwid option is not available in RHEL 7.

This is not relevant in OSP-16.2 and 17.x because in these releases multipath is automatically configured by the director, and that includes configuring the recheck_wwid parameter.

Comment 1 Alan Bishop 2023-05-10 19:43:50 UTC


*** This bug has been marked as a duplicate of bug 2196924 ***

Note You need to log in before you can comment on or make changes to this bug.