when the source share has ``snapshot_support`` False.
The message said that the back end lacks snapshot support but this
is not necessarily the case.
Closes-bug: #1925342
Change-Id: I09a83b63528c0988f3601dfd07ad6972165cb855
1、After performing a snapshot clone of the glusterfs vol,
the status of the vol is'Created', and the parameter
"gluster volume set nfs.rpc-auth-reject'*'" is required for
the vol in the'Started' state.
2、The cloned volume needs to activate the snapshot,
if the snapshot is already activated, you need to skip the activation step
Closes-Bug: #1922075
Change-Id: I304bf59b3f8c0d5b847078a5752bac8ac4f21690
Remove manila configuration options
and auth classes that were deprecated
before the Ussuri release.
Change-Id: I148225926cd249a0dd8d1f8c02b22ed06487f405
Replicas are just special instances after all, no need for
duplicate code and missing on improvements like exception handling
on NotFound error.
Change-Id: I31fabebc6a60814a4cfc04ae0deb49dcb66cab0f
Closes-Bug: #1923566
Commands in the Ceph driver are directed at the mon
daemon instead of at the mgr daemon.
The driver's rados_command() calls json_command() and,
by default, json_command() calls the python
rados client's mon_command() instead of mgr_command().
By passing the target as mon-mgr, the python rados
client's mgr_command() is called as desired, and we
avoid the need of extra MON write caps.
Closes-Bug: #1923181
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
Change-Id: I5bca68070ca1eb539d53dd31cb92588840e925e8
Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: I49803f627c4c580b41e7408b2b7e0452f3758831
This patch is a follow up of [1] to address some comments
added in the review process. It also adds more unit tests to
validate the new code added.
[1] https://review.opendev.org/c/openstack/manila/+/775032
Change-Id: If7b8628fa05200363a129eb19d9dc80fb7e3bc36
Signed-off-by: Douglas Viroel <viroel@gmail.com>
When trying to create a share using a security
service while having insufficient privileges or
providing wrong credentials, manila raises a
generic user message that provides little
information to the end user on what exactly went
wrong.
Added a driver-agnostic exception for when this
happens, accompanied with a user message to
provide more useful information to end users.
Partial-Bug: #1900755
Change-Id: I2b0bc5c0715c225cd5b38b55fb3967ff7fc86fa8
This bugfix [1] modified the totalcount returned by pagination
query when the argument 'limit' was specified. It caused
manila to do not return precise count of shares in a query that
satisfied the conditions.
This bug has been fixed and now manila is returning the precise
values of shares matched in a given query. Also, manila is now
performing filtering actions in the database to have more
performatic results.
[1] https://review.opendev.org/#/c/688542/
Closes-Bug: #1860061
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Change-Id: I6ddd919bbd5180593cc52bf986912f65a2dab3a7
Adds create share from snapshot functionality to
CephFS drivers.
Depends-On: https://review.opendev.org/c/openstack/manila-tempest-plugin/+/778188
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
DocImpact
Partially-Implements: blueprint create-share-from-snapshot-cephfs
Change-Id: I825ab15af934cb37dfda48ea26ec1af9de8dd293
Use python rados client to talk to the ceph-mgr service.
A python rados client is created by the driver that lasts
during the driver's lifecycle.
The drivers can now work with multiple filesystem clusters.
The filesystem to be used by manila can be specified by the
driver option 'cephfs_filesystem_name'.
The removal of a share will be quicker for the manila user.
The ceph-mgr volumes module moves the share's content to
a trash folder and purges the trash's contents
(`rm -rf` of the backend CephFS subvolume/subtree) aysnchronously,
whereas the ceph_volume_client library moves the share's content
and purges the content synchronously.
Implements: bp update-cephfs-drivers
Co-Authored-By: Victoria Martinez de la Cruz <victoria@redhat.com>
Co-Authored-By: Ramana Raja <rraja@redhat.com>
Co-Authored-By: Tom Barron <tpb@dyncloud.net>
DocImpact
Change-Id: I1f81db1ba7724c0784d87f9cb92bb696f6778806
when we need to start or restart manila share service, will call
init_host().
and call ensure_driver_resources() in init_host(),
will call self.driver.ensure_shares or self.driver.ensure_share to
update all share instances in that host. Currently, only NetApp and LVM
implement self.driver.ensure_shares, Other manufacturers are using
self.driver.ensure_share.
in large-scale environment, there are lot of share instances in one
host. this will lead to take much time to ensure_share.
so we can put this operation into the thread pool to speed up the
startup of the service.
Closes-Bug: #1909847
Change-Id: I295d0de0958ebfedd89441f1a2c1b447b74693a0
if we failed to manage a share, we don't need to commit the quota usages. so
we should skip quota usages cuts when delete or unmange the share with
status of "error_manage". and the size of error_manage share should be
zero.
Closes-Bug:#1883506
Change-Id: I5c81dd6780890c55c8c6a92491c3f4f507531fdb
Add missing quotes to exportfs command to protect <world> being
interpreted as file redirect
Closes-Bug: #1911695
Change-Id: Ie95a476e9a81c58df998c3f44da137b023b53cc6
The share protocol requested was being
ignored by the scheduler and this would
cause shares to get scheduled to hosts
that don't support the specified protocol.
Change-Id: I2e87264865b645781c481383c039fecbfd7c6eb1
Closes-Bug: #1783736
In order to optimize the NetApp ONTAP driver, this patch is caching
the status of driver pools and reusing for the each share server,
given that the pool is not separated by share server.
The option `netapp_cached_aggregates_status_lifetime` is added
for controlling the time that the cached values is considered
valid.
Closes-Bug: #1900469
Change-Id: I14a059615fc29c7c173c035bb51d39e0bbb8b70a
if rabbitmq is too much pressure or blockage.scheduler
will not received service capabilities, but once the
message queue(rabbitmq) returns to normal, scheduler
will received many service capabilities, these service
capabilities are acquired by manila share at different
times, so the timestamp of service capabilities shoud
added at share manage layer(before rpc), but not
scheduler layer(after rpc), once scheduler get an newer
service capabilities, there is no need to update an
earlier service capabilities.
Closes-Bug: #1908963
Change-Id: I6ce99ed4451c5d02cb4446861fa59e55a94951a5
This patch implements support for security service updates
for in use share networks. It works with all three security
service types. For 'active_directory' and 'kerberos', the 'domain'
attribute update isn't supported, since it can might affect
user's access to all related shares.
Change-Id: I8556e4e2e05deb9b116eacbd5afe2f7c5d77b44b
Depends-On: I129a794dfd2d179fa2b9a2fed050459d6f00b0de
Depends-On: I5fef50a17bc72ba66a3a9d6f786742bcb5745d7b
Implements: bp netapp-security-service-update
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Signed-off-by: Douglas Viroel <viroel@gmail.com>
This implementation adds the functionality to add/update security services
to in use share networks using the container driver. The container driver will
also try to setup security services while creating share servers. Currently, the
only supported security service type is LDAP.
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Partially Implements: bp add-security-service-in-use-share-networks
Depends-On: I129a794dfd2d179fa2b9a2fed050459d6f00b0de
Change-Id: Ifb8b9ebe6eb0661844c794ca1a32e35105652f72
This patch implements the update of security service's association
with in-use share networks. The following changes were added:
- New share network APIs: `share_network_security_service_update`
and `share_network_reset_state`.
- A new `status` attribute was added to share network model to
identify when it's in a modification state, called 'network_change'.
Other supported status that were added: 'active' and 'error'.
- New 'security_service_update_support' property was added to both
share server and share network models, to identify when this resources
are able to process security service update for in-use share networks.
- New driver interface was added to support update of security service's
configuration of a given share server.
DocImpact
APIImpact
Partially Implements: bp add-security-service-in-use-share-networks
Co-Authored-By: Carlos Eduardo <ces.eduardo98@gmail.com>
Co-Authored-By: Douglas Viroel <viroel@gmail.com>
Co-Authored-By: Andre Beltrami <debeltrami@gmail.com>
Change-Id: I129a794dfd2d179fa2b9a2fed050459d6f00b0de
This patch adds support for automated creation of FPolicy policies
and association to a share. The FPolicy configuration can be added using
the extra-specs 'netapp:fpolicy_extensions_to_include',
'netapp:fpolicy_extensions_to_exclude' and 'netapp:fpolicy_file_operations'.
Change-Id: I661de95bfb6f8e68b3a8c58663bb6055e9b809f6
Implements: bp netapp-fpolicy-support
Signed-off-by: Douglas Viroel <viroel@gmail.com>
This patch fixes some issues with LDAP client configuration on
ONTAP SVMs. With ldap security service, users should be able to
configure a LDAP client that can be used for authentication and
name mapping. The name service switch order remains: ldap,files.
Issues fixed:
- The driver now identifies when user provide a Active Directory
domain or a Linux/Unix LDAP server IP and sets the correct schema.
- LDAP configuration parameter `servers` was replaced by `ldap-servers`
in ONTAP 9.2, and now accepts host names too.
- Fix DNS configuration for LDAP security service
- User can now specify base search DN for LDAP queries, which can be
mandatory for Unix/Linux servers, using the security service `ou`
parameter.
Closes-Bug: #1916534
Change-Id: Ieaa53abbe50e7b708e508c132dfc4bb36b71a4f5
Signed-off-by: Douglas Viroel <viroel@gmail.com>
This feature allows admin to set share size limit for a project.
The defaults will either come from the default values
set in the quota configuration option or via manila.conf
if the user has configured default values for quotas there.
The quota_per_share_gigabytes defaults to -1["No Limit"] always
unless changed in manila.conf by admin.
Closes-Bug: #1811943
Change-Id: Ida126c8c419b8bf4d2a194f061a0809d52b47ab8
Add two new capabilities to manila. It is possible to set limits
to share server size and share instances in a share server by
setting `max_share_server_size` and `max_shares_per_share_server`
in a backend stanza.
Change-Id: I3170478d3aa2d09cb2adc32233dc57bc59029a56
Partially-Implements: bp new-share-server-limits
DocImpact
