Updated to user based mount, on par with the merged upstream fix.

quobyte · Aug 2, 2017 · 2297f35 · 2297f35
1 parent e71f81e
commit 2297f35
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 91 deletions.
diff --git a/systemd-cgroup_patch/Mitaka/systemd-run_mitaka_plain-diff.patch b/systemd-cgroup_patch/Mitaka/systemd-run_mitaka_plain-diff.patch
@@ -1,21 +1,7 @@
-diff --git a/etc/nova/rootwrap.d/compute.filters b/etc/nova/rootwrap.d/compute.filters
-index c846b89..fd62234 100644
---- a/etc/nova/rootwrap.d/compute.filters
-+++ b/etc/nova/rootwrap.d/compute.filters
-@@ -247,5 +247,9 @@ ploop: CommandFilter, ploop, root
- # nova/virt/libvirt/utils.py: 'xend', 'status'
- xend: CommandFilter, xend, root
-
-+# nova/virt/libvirt/volume/quobyte.py
-+mount.quobyte: CommandFilter, mount.quobyte, root
-+umount.quobyte: CommandFilter, umount.quobyte, root
-+
- # nova/virt/libvirt/utils.py:
- touch: CommandFilter, touch, root
-diff --git a/nova/tests/unit/virt/libvirt/volume/test_quobyte.py b/nova/tests/unit/virt/libvirt/volume/test_quobyte.py
-index 8d16cad..78f42da 100644
---- a/nova/tests/unit/virt/libvirt/volume/test_quobyte.py
-+++ b/nova/tests/unit/virt/libvirt/volume/test_quobyte.py
+diff --git nova/tests/unit/virt/libvirt/volume/test_quobyte.py nova/tests/unit/virt/libvirt/volume/test_quobyte.py
+index 8d16cad..410da74 100644
+--- nova/tests/unit/virt/libvirt/volume/test_quobyte.py
++++ nova/tests/unit/virt/libvirt/volume/test_quobyte.py
 @@ -31,9 +31,12 @@ from nova.virt.libvirt.volume import quobyte
  class QuobyteTestCase(test.NoDBTestCase):
      """Tests the nova.virt.libvirt.volume.quobyte module utilities."""
@@ -30,13 +16,8 @@ index 8d16cad..78f42da 100644
          mnt_base = '/mnt'
          quobyte_volume = '192.168.1.1/volume-00001'
          export_mnt_base = os.path.join(mnt_base,
-@@ -45,15 +48,44 @@ class QuobyteTestCase(test.NoDBTestCase):
-         expected_commands = [mock.call('mount.quobyte',
-                                        quobyte_volume,
-                                        export_mnt_base,
--                                       check_exit_code=[0, 4])
-+                                       check_exit_code=[0, 4],
-+                                       run_as_root=True)
+@@ -48,12 +51,40 @@ class QuobyteTestCase(test.NoDBTestCase):
+                                        check_exit_code=[0, 4])
                               ]
          mock_execute.assert_has_calls(expected_commands)
 +        mock_exists.assert_called_once_with(" /run/systemd/system")
@@ -56,12 +37,12 @@ index 8d16cad..78f42da 100644
 +
 +        mock_ensure_tree.assert_called_once_with(export_mnt_base)
 +        expected_commands = [mock.call('systemd-run',
++                                       '--scope',
++                                       '--user',
 +                                       'mount.quobyte',
-+                                       '-f',
 +                                       quobyte_volume,
 +                                       export_mnt_base,
-+                                       check_exit_code=[0, 4],
-+                                       run_as_root=True)
++                                       check_exit_code=[0, 4])
 +                             ]
 +        mock_execute.assert_has_calls(expected_commands)
 +        mock_exists.assert_called_once_with(" /run/systemd/system")
@@ -77,87 +58,37 @@ index 8d16cad..78f42da 100644
          mnt_base = '/mnt'
          quobyte_volume = '192.168.1.1/volume-00001'
          export_mnt_base = os.path.join(mnt_base,
-@@ -70,9 +102,11 @@ class QuobyteTestCase(test.NoDBTestCase):
-                                        export_mnt_base,
-                                        '-c',
-                                        config_file_dummy,
--                                       check_exit_code=[0, 4])
-+                                       check_exit_code=[0, 4],
-+                                       run_as_root=True)
+@@ -73,6 +104,7 @@ class QuobyteTestCase(test.NoDBTestCase):
+                                        check_exit_code=[0, 4])
                               ]
          mock_execute.assert_has_calls(expected_commands)
 +        mock_exists.assert_called_once_with(" /run/systemd/system")
 
      @mock.patch.object(fileutils, "ensure_tree")
      @mock.patch.object(utils, "execute",
-@@ -99,7 +133,8 @@ class QuobyteTestCase(test.NoDBTestCase):
-         quobyte.umount_volume(export_mnt_base)
-
-         mock_execute.assert_called_once_with('umount.quobyte',
--                                             export_mnt_base)
-+                                             export_mnt_base,
-+                                             run_as_root=True)
-
-     @mock.patch.object(quobyte.LOG, "error")
-     @mock.patch.object(utils, "execute")
-@@ -324,12 +359,14 @@ class LibvirtQuobyteVolumeDriverTestCase(
-
-         libvirt_driver.disconnect_volume(connection_info, "vde")
-
--    def test_libvirt_quobyte_driver_mount_non_quobyte_volume(self):
-+    @mock.patch.object(libvirt_utils, 'is_mounted', return_value=True)
-+    def test_libvirt_quobyte_driver_mount_non_quobyte_volume(self,
-+            mock_is_mounted):
-         mnt_base = '/mnt'
-         self.flags(quobyte_mount_point_base=mnt_base, group='libvirt')
-
-         libvirt_driver = quobyte.LibvirtQuobyteVolumeDriver(self.fake_conn)
--        export_string = 'quobyte://192.168.1.1/volume-00001'
-+        export_string = 'quobyte:192.168.1.1/volume-00001'
-
-         connection_info = {'data': {'export': export_string,
-                                     'name': self.name}}
-@@ -345,6 +382,8 @@ class LibvirtQuobyteVolumeDriverTestCase(
-                               libvirt_driver.connect_volume,
-                               connection_info,
-                               self.disk_info)
-+            mock_is_mounted.assert_called_once_with(mock.ANY,
-+                                                    "quobyte@" + export_string)
-
-     def test_libvirt_quobyte_driver_normalize_export_with_protocol(self):
-         mnt_base = '/mnt'
-diff --git a/nova/virt/libvirt/volume/quobyte.py b/nova/virt/libvirt/volume/quobyte.py
-index 199439b..05e2933 100644
---- a/nova/virt/libvirt/volume/quobyte.py
-+++ b/nova/virt/libvirt/volume/quobyte.py
-@@ -56,6 +56,10 @@ def mount_volume(volume, mnt_base, configfile=None):
+diff --git nova/virt/libvirt/volume/quobyte.py nova/virt/libvirt/volume/quobyte.py
+index 199439b..c9ea879 100644
+--- nova/virt/libvirt/volume/quobyte.py
++++ nova/virt/libvirt/volume/quobyte.py
+@@ -56,13 +56,17 @@ def mount_volume(volume, mnt_base, configfile=None):
      fileutils.ensure_tree(mnt_base)
 
      command = ['mount.quobyte', volume, mnt_base]
 +    if os.path.exists(" /run/systemd/system"):
 +        # Note(kaisers): with systemd this requires a separate CGROUP to
 +        # prevent Nova service stop/restarts from killing the mount.
-+        command = ['systemd-run', 'mount.quobyte', '-f', volume, mnt_base]
++        command = ['systemd-run', '--scope', '--user', 'mount.quobyte', volume,
++                   mnt_base]
      if configfile:
          command.extend(['-c', configfile])
 
-@@ -63,14 +67,14 @@ def mount_volume(volume, mnt_base, configfile=None):
+     LOG.debug('Mounting volume %s at mount point %s ...',
                volume,
                mnt_base)
-     # Run mount command but do not fail on already mounted exit code
--    utils.execute(*command, check_exit_code=[0, 4])
-+    utils.execute(*command, check_exit_code=[0, 4], run_as_root=True)
+-    # Run mount command but do not fail on already mounted exit code
+     utils.execute(*command, check_exit_code=[0, 4])
      LOG.info(_LI('Mounted volume: %s'), volume)
 
-
- def umount_volume(mnt_base):
-     """Wraps execute calls for unmouting a Quobyte volume"""
-     try:
--        utils.execute('umount.quobyte', mnt_base)
-+        utils.execute('umount.quobyte', mnt_base, run_as_root=True)
-     except processutils.ProcessExecutionError as exc:
-         if 'Device or resource busy' in six.text_type(exc):
-             LOG.error(_LE("The Quobyte volume at %s is still in use."),
 @@ -138,8 +142,8 @@ class LibvirtQuobyteVolumeDriver(fs.LibvirtBaseFileSystemVolumeDriver):
 
          if not mounted:

diff --git a/systemd-cgroup_patch/README.md b/systemd-cgroup_patch/README.md
@@ -12,5 +12,13 @@ Removal can easily be done via:
 
 These patches can be applied by navigating to the project to be patched root directory and running:
 
-    patch -p1 < /path/to/patchfile
+    patch -p0 < /path/to/patchfile
 
+
+### Changelog
+
+
+#### 1.0
+	- mounts no longer as root but as Nova service user
+
+#### original release