Volume manage to encrypted type issues
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Critical
|
Eric Harney |
Bug Description
1. Create unencrypted volume
2. Unmanage it
3. Manage it to an encrypted type
4. Observe that volume is on an encrypted type but shows that it is not encrypted
Bigger picture: we should probably not allow managing to an encrypted type since there is no way to associate the volume w/ an encryption key.
$ cinder type-list
+------
| ID | Name | Description | Is_Public |
+------
| 3b92c9c0-
| 4fb104db-
| e0f55b07-
+------
$ cinder encryption-
+------
| Volume Type ID | Provider | Cipher | Key Size | Control Location |
+------
| e0f55b07-
+------
$ cinder create 1 --volume-type 4fb104db-
+------
| Property | Value |
+------
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2021-09-
| description | None |
| encrypted | False |
| id | 4381d236-
| metadata | {} |
| migration_status | None |
| multiattach | False |
| name | None |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| replication_status | None |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| updated_at | None |
| user_id | 659af4d79fed472
| volume_type | mytype |
+------
$ cinder show 4381d236-
+------
| Property | Value |
+------
| attached_servers | [] |
| attachment_ids | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2021-09-
| description | None |
| encrypted | False |
| id | 4381d236-
| metadata | |
| migration_status | None |
| multiattach | False |
| name | None |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| replication_status | None |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | available |
| updated_at | 2021-09-
| user_id | 659af4d79fed472
| volume_type | mytype |
+------
$ cinder unmanage 4381d236-
$ cinder list
+----+-
| ID | Status | Name | Size | Volume Type | Bootable | Attached to |
+----+-
+----+-
$ cinder manage --volume-type e0f55b07-
(oops, wrong specifier)
$ cinder delete ae10d5dd-
$ cinder manage --volume-type e0f55b07-
+------
| Property | Value |
+------
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2021-09-
| description | None |
| encrypted | False |
| id | 77fef329-
| metadata | {} |
| migration_status | None |
| multiattach | False |
| name | None |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| replication_status | None |
| size | 0 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| updated_at | None |
| user_id | 659af4d79fed472
| volume_type | ceph |
+------
$ cinder show 77fef329-
+------
| Property | Value |
+------
| attached_servers | [] |
| attachment_ids | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2021-09-
| description | None |
| encrypted | False |
| id | 77fef329-
| metadata | |
| migration_status | None |
| multiattach | False |
| name | None |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| replication_status | None |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | available |
| updated_at | 2021-09-
| user_id | 659af4d79fed472
| volume_type | ceph |
+------
This last "show" shows a volume with encrypted: False on an encrypted volume type.
tags: | added: encryption |
Changed in cinder: | |
importance: | Undecided → Medium |
tags: | added: manage type volumes |
Changed in cinder: | |
status: | Triaged → In Progress |
Changed in cinder: | |
milestone: | xena-rc2 → yoga-rc2 |
Let's try to get this into RC-2. Failing that, we can at least give operators a warning not to do this.