Input validation for command encryption-type-create
Bug #1505113 reported by
Lisa Li
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
Currently when creating a encryption type, it uses following command:
cinder encryption-
--control_
The problem is that cinder doesn't check the validation of the provider. Giving a invalid provider, the encryption type can be created successfully, and a volume can be created with the volume type. Only when attaching the volume to a VM, it fails.
This bug is raised to do validation check of the input.
tags: | added: encryption |
Changed in cinder: | |
importance: | Undecided → Medium |
importance: | Medium → Wishlist |
status: | New → Confirmed |
Changed in cinder: | |
assignee: | nobody → M Shruthi (mshruthi98) |
Changed in cinder: | |
status: | Confirmed → In Progress |
Changed in cinder: | |
assignee: | M Shruthi (mshruthi98) → nobody |
status: | In Progress → Confirmed |
To post a comment you must log in.
Validating the encryption provider is tricky because Cinder cannot verify that a module does or does not exist in Nova (e.g., nova.volume. encryptors. luks.LuksEncryp tor).
Perhaps it would be better to move the encryptors to oslo so they can be shared more easily. In addition, assuming that Nova and Cinder both require some minimum version of the resulting oslo library (e.g., oslo.encryptors), then Cinder could validate the input immediately as suggested in this bug report.