[Bug 1452641] Re: Static Ceph mon IP addresses in connection_info can prevent VM startup
Jeremy Stanley
1452641 at bugs.launchpad.net
Wed Oct 20 00:53:23 UTC 2021
Please don't set OpenStack bugs to Public Security without some
explanation as to why you believe this to be an exploitable risk which
needs attention from the OpenStack vulnerability managers for
coordinating a possible security advisory. I'm switching this back to a
normal Public bug for now, but if you suspect this report represents an
actual security risk then please explain and set it to Public Security
again. Thanks!
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1452641
Title:
Static Ceph mon IP addresses in connection_info can prevent VM startup
Status in OpenStack Compute (nova):
In Progress
Status in nova package in Ubuntu:
Triaged
Bug description:
The Cinder rbd driver extracts the IP addresses of the Ceph mon servers from the Ceph mon map when the instance/volume connection is established. This info is then stored in nova's block-device-mapping table and is never re-validated down the line.
Changing the Ceph mon servers' IP adresses will prevent the instance from booting as the stale connection info will enter the instance's XML. One idea to fix this would be to use the information from ceph.conf, which should be an alias or a loadblancer, directly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1452641/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list