From af51b46b1e08b26c07bd32019e54b9c521cb7813 Mon Sep 17 00:00:00 2001 From: James Page Date: Mon, 15 Oct 2012 13:21:55 +0100 Subject: Allow local rbd user and secret_uuid configuration By default, the rbd_user and rbd_secret_uuid are specified in the nova-volume/cinder configuration and passed to nova-compute when volumes are attached to instances. This change allows these values to be specified locally in nova-compute which means access control to RADOS devices in ceph can be managed independently from nova-volume/cinder with no requirement for consistent uuid's for libvirt secrets. Fixes bug 1065883. Change-Id: I9f07d040ae267bfbe8f794a5d22d327106314cc6 --- nova/virt/libvirt/volume.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'nova/virt') diff --git a/nova/virt/libvirt/volume.py b/nova/virt/libvirt/volume.py index cf08ea85e..2a018c724 100644 --- a/nova/virt/libvirt/volume.py +++ b/nova/virt/libvirt/volume.py @@ -87,10 +87,19 @@ class LibvirtNetVolumeDriver(LibvirtVolumeDriver): conf.target_bus = "virtio" conf.serial = connection_info.get('serial') netdisk_properties = connection_info['data'] - if netdisk_properties.get('auth_enabled'): - conf.auth_username = netdisk_properties['auth_username'] + auth_enabled = netdisk_properties.get('auth_enabled') + if (conf.source_protocol == 'rbd' and + FLAGS.rbd_secret_uuid): + conf.auth_secret_uuid = FLAGS.rbd_secret_uuid + auth_enabled = True # Force authentication locally + if FLAGS.rbd_user: + conf.auth_username = FLAGS.rbd_user + if auth_enabled: + conf.auth_username = (conf.auth_username or + netdisk_properties['auth_username']) conf.auth_secret_type = netdisk_properties['secret_type'] - conf.auth_secret_uuid = netdisk_properties['secret_uuid'] + conf.auth_secret_uuid = (conf.auth_secret_uuid or + netdisk_properties['secret_uuid']) return conf -- cgit