Private Volume Types

https://blueprints.launchpad.net/cinder/+spec/private-volume-types

Cinder volume types are visible to all users, regardless of their project.

This blueprint suggests the introduction of private volume types.

Problem description

Some volume types should be restricted to a subset of projects. Examples are test volume types where a new technology is being tried out, or ultra-high-performance volume types for special needs, where most users should not be able to select them.

Use Cases

Proposed change

A similar approach is already taken with the is_public flag on flavors in Nova. We should leverage the work done in Nova and port it to Cinder volume types.

Volume types currently do not have an owner associated with them. This feature does not propose introducing an owner, for various reasons, one being that it is impossible to determine the original owner of an existing volume type.

The proposed approach is the one already in place in Nova:

  • Volume types are public by default

  • Private volume types can be created by setting the is_public boolean field to False at creation time.

  • Access to a private volume type can be controlled by adding or removing a project from it.

  • Private volume types with no projects attached are only visible to users with the admin role/context.

Alternatives

There are no known alternative ways to restrict access to a volume type.

Data model impact

Database schema changes:

  • A new is_public boolean column will be added to the volume_types table.

  • A new volume_type_projects table will be created to record the projects having access to a particular volume type. There will be one entry in the volume_type_projects table for every (volume_type_id, project_id) combination, i.e. a many-to-many relationship.

mysql> DESC volume_types;
+--------------+--------------+------+-----+---------+-------+
| Field        | Type         | Null | Key | Default | Extra |
+--------------+--------------+------+-----+---------+-------+
| created_at   | datetime     | YES  |     | NULL    |       |
| updated_at   | datetime     | YES  |     | NULL    |       |
| deleted_at   | datetime     | YES  |     | NULL    |       |
| deleted      | tinyint(1)   | YES  |     | NULL    |       |
| id           | varchar(36)  | NO   | PRI | NULL    |       |
| name         | varchar(255) | YES  |     | NULL    |       |
| qos_specs_id | varchar(36)  | YES  | MUL | NULL    |       |
| is_public    | tinyint(1)   | YES  |     | NULL    |       |
+--------------+--------------+------+-----+---------+-------+
8 rows in set (0.00 sec)

mysql> DESC volume_type_projects;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| id             | int(11)      | NO   | PRI | NULL    | auto_increment |
| created_at     | datetime     | YES  |     | NULL    |                |
| updated_at     | datetime     | YES  |     | NULL    |                |
| deleted_at     | datetime     | YES  |     | NULL    |                |
| volume_type_id | varchar(36)  | YES  | MUL | NULL    |                |
| project_id     | varchar(255) | YES  |     | NULL    |                |
| deleted        | tinyint(1)   | YES  |     | NULL    |                |
+----------------+--------------+------+-----+---------+----------------+
7 rows in set (0.00 sec)

Database data migration:

  • Existing volume types will be marked as public (is_public=1)

REST API impact

  • Extend volume type creation response to include is_public field

  • Extend volume type list to include is_public field

  • Extend volume type detail to include is_public field

  • Add ability to list projects having access to a specific volume type

  • Add ability to add/remove access for a project to a specific volume type

  • Add policy for the new extension

Security impact

This change introduces the concept of private volume types. The restriction only holds if the policy for the new extension limits adding and removing project access to administrators (otherwise a project could grant itself access to a private type), and if the volume type list and detail calls filter out private types that the requesting project has not been granted access to.

Notifications impact

None

Other end user impact

  • Horizon should be updated to support this new extension.

  • python-cinderclient should be updated to allow the use of this new extension.

Proposed python-cinderclient shell interface:

type-access-add --volume-type <type> --project-id <project_id>
   Add type access for the given project.

type-access-list --volume-type <type>
   Print access information about the given type.

type-access-remove --volume-type <type> --project-id <project_id>
   Remove type access for the given project.

Performance Impact

The extension adds an is_public field to every returned volume type.

Special care should be taken not to issue N additional database queries per volume type list (one per returned type to look up its project access). This can be addressed by loading the access rows for all listed types in a single query, or by a caching mechanism at the API layer.
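The following is an added example, not Cinder code: it models the proposed volume_types and volume_type_projects tables with sqlite3 (in place of MySQL), applies the is_public=1 data migration to a pre-existing row, enforces the visibility rules from the Proposed change section (public by default, private types visible only to attached projects, private types with no projects visible only to admins), and resolves the listing for a project in one query so that no per-type access lookup is needed. The function names, the admin-only check on add/remove (standing in for the policy the REST API section calls for) and the sample type and project names are this example's own assumptions.

```python
# Added example, not Cinder's own code: the proposed schema and visibility
# rules modelled with sqlite3. Function and sample names are assumptions.
import sqlite3
import uuid

SCHEMA = """
CREATE TABLE volume_types (
    id        VARCHAR(36)  NOT NULL PRIMARY KEY,
    name      VARCHAR(255),
    deleted   TINYINT(1)   NOT NULL DEFAULT 0,
    is_public TINYINT(1)               -- NULL on rows created before the migration
);
CREATE TABLE volume_type_projects (
    id             INTEGER PRIMARY KEY AUTOINCREMENT,
    volume_type_id VARCHAR(36)  NOT NULL REFERENCES volume_types(id),
    project_id     VARCHAR(255) NOT NULL,
    deleted        TINYINT(1)   NOT NULL DEFAULT 0,
    UNIQUE (volume_type_id, project_id)   -- one row per (type, project)
);
"""


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def migrate_existing_types(conn):
    """Data migration: every pre-existing type becomes public (is_public=1)."""
    cur = conn.execute("UPDATE volume_types SET is_public = 1 WHERE is_public IS NULL")
    conn.commit()
    return cur.rowcount


def create_volume_type(conn, name, is_public=True):
    """New types are public unless is_public=False is given at creation time."""
    type_id = str(uuid.uuid4())
    conn.execute("INSERT INTO volume_types (id, name, is_public) VALUES (?, ?, ?)",
                 (type_id, name, 1 if is_public else 0))
    conn.commit()
    return type_id


def add_project_access(conn, type_id, project_id, is_admin):
    """Grant a project access to a type. Assumed policy: admins only."""
    if not is_admin:
        raise PermissionError("policy: only admins may change volume type access")
    # INSERT OR IGNORE plus UPDATE keeps a single row per (type, project) and
    # revives a previously removed grant without relying on UPSERT support.
    conn.execute("INSERT OR IGNORE INTO volume_type_projects (volume_type_id, project_id) "
                 "VALUES (?, ?)", (type_id, project_id))
    conn.execute("UPDATE volume_type_projects SET deleted = 0 "
                 "WHERE volume_type_id = ? AND project_id = ?", (type_id, project_id))
    conn.commit()


def remove_project_access(conn, type_id, project_id, is_admin):
    """Revoke access; soft-delete, like the other Cinder tables."""
    if not is_admin:
        raise PermissionError("policy: only admins may change volume type access")
    conn.execute("UPDATE volume_type_projects SET deleted = 1 "
                 "WHERE volume_type_id = ? AND project_id = ?", (type_id, project_id))
    conn.commit()


def list_project_access(conn, type_id):
    rows = conn.execute("SELECT project_id FROM volume_type_projects "
                        "WHERE volume_type_id = ? AND deleted = 0 ORDER BY project_id",
                        (type_id,))
    return [r[0] for r in rows]


def list_volume_types(conn, project_id, is_admin=False):
    """Types visible to the caller, resolved in ONE query instead of one
    access lookup per type: public types plus private types that list the
    caller's project. Admins see everything, including private types with
    no projects attached."""
    if is_admin:
        rows = conn.execute("SELECT name, is_public FROM volume_types "
                            "WHERE deleted = 0 ORDER BY name")
    else:
        rows = conn.execute(
            "SELECT vt.name, vt.is_public FROM volume_types vt "
            "WHERE vt.deleted = 0 AND (vt.is_public = 1 OR EXISTS ("
            "  SELECT 1 FROM volume_type_projects vtp "
            "  WHERE vtp.volume_type_id = vt.id AND vtp.project_id = ? "
            "    AND vtp.deleted = 0)) ORDER BY vt.name", (project_id,))
    return [{"name": n, "is_public": bool(p)} for n, p in rows]


def demo():
    conn = open_db()
    # Constructed pre-migration row: created before the column existed, so is_public is NULL.
    conn.execute("INSERT INTO volume_types (id, name) VALUES (?, ?)", (str(uuid.uuid4()), "lvm"))
    migrated = migrate_existing_types(conn)
    nvme = create_volume_type(conn, "nvme-test", is_public=False)
    add_project_access(conn, nvme, "proj-a", is_admin=True)
    create_volume_type(conn, "hpc-private", is_public=False)  # no projects: admin only
    return {
        "migrated": migrated,
        "proj-a": [t["name"] for t in list_volume_types(conn, "proj-a")],
        "proj-b": [t["name"] for t in list_volume_types(conn, "proj-b")],
        "admin": [t["name"] for t in list_volume_types(conn, None, is_admin=True)],
        "access": list_project_access(conn, nvme),
    }


if __name__ == "__main__":
    print(demo())
```

The non-admin listing does the access check inside the SELECT, so the cost of a list call does not grow with one extra query per private type; the same idea applies to a detail call, which only needs to evaluate the same predicate for a single id.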

Other deployer impact

None

Developer impact

None

Implementation

Assignee(s)

Primary assignee:

mgagne

Other contributors:

None

Work Items

  • Implement os-volume-type-access Cinder extension

  • Add support for os-volume-type-access extension to python-cinderclient

  • Add support for os-volume-type-access extension to Horizon

Dependencies

None

Testing

  • Unit tests already in place in Nova for flavors will be ported for Cinder volume types.

  • Use cases should be added to Tempest.

Documentation Impact

  • Need to document the new os-volume-type-access Cinder extension.

References