Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-9309

Adding primary storage pool (basic rbd/DefaultPrimary) doesn't work if the rados secret contains slashes or possibly other special symbols

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.8.0
    • Fix Version/s: None
    • Component/s: Management Server
    • Security Level: Public (Anyone can view this level - this is the default.)
    • Labels:
    • Environment:
      CentOS 7, Ceph 0.87 from official repo

      Description

      Adding ceph pirmary storage fails with sql error if the rados secret contains slashes (and plus signs in our case)

      Original parameters entered

      Scope: Zone Wide
      Hypervisor: KVM
      *Zone: Office Test
      *Name: test
      *Protocol: RBD
      *Provider: DefaultPrimary
      RADOS Monitor: test
      RADOS Pool: test
      RADOS User: test
      RADOS Secret: AQDw/+ZWCaxqFxAAYV/Ey1jjtNxEG2H7uF0tGg==
      Storage Tags: <none>
      

      Api call sent:

      command:createStoragePool
      scope:zone
      zoneid:6f7b029b-0926-4e2e-9666-519cc228ce9b
      hypervisor:KVM
      name:test
      provider:DefaultPrimary
      url:rbd://test:AQDw_-ZWCaxqFxAAYV/Ey1jjtNxEG2H7uF0tGg==@test/test
      response:json
      _:1458132946658
      

      Interface displays a dialog with the following:

      Failed to add data store: DB Exception on: com.mysql.jdbc.JDBC4PreparedStatement@512efc4: INSERT INTO storage_pool (storage_pool.id, storage_pool.name, storage_pool.uuid, storage_pool.pool_type, storage_pool.created, storage_pool.update_time, storage_pool.data_center_id, storage_pool.pod_id, storage_pool.used_bytes, storage_pool.capacity_bytes, storage_pool.status, storage_pool.storage_provider_name, storage_pool.host_address, storage_pool.path, storage_pool.port, storage_pool.user_info, storage_pool.cluster_id, storage_pool.scope, storage_pool.managed, storage_pool.capacity_iops, storage_pool.hypervisor) VALUES (0, _binary'test', _binary'4d682827-ab95-363b-8d77-8f883c2c8de0', 'RBD', '2016-03-16 12:56:42', null, 2, null, 0, 0, 'Initialized', _binary'DefaultPrimary', null, _binary'Ey1jjtNxEG2H7uF0tGg==@test/test', 6789, null, null, null, 0, null, null)
      

      Notice that in the displayed error, the secret as would-be-inserted is Ey1jjtNxEG2H7uF0tGg== (the beggining is cut off to the second slash)

      Also the API call itself seems to have the secret mangled already, where the first slash and plus sign would be.

      We regenerated the secret to contain no special symbols (well equal sign is present) and it went through.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              linas-h1p Linas Žilinskas
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: