mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 10:33:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

rbd: repair encryption config in case it is missing

Browse Source 
It is possible that when a provisioner restarts after a snapshot was
cloned, but before the newly restored image had its encryption metadata
set, the new image is not marked as encrypted. This will prevent
attaching/mounting the image, as the encryption key will not be fetched,
or is not available in the DEKStore.

By actively repairing the encryption configuration when needed, this
problem should be addressed.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
Niels de Vos
2021-04-09 10:36:42 +02:00
committed by mergify[bot]
parent 1482105309
commit b1d05a1840
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/rbd/controllerserver.go
View File

@ -266,6 +266,11 @@ func (cs *ControllerServer) CreateVolume(ctx context.Context, req *csi.CreateVol
if err != nil {
return nil, err
}
err = rbdSnap.repairEncryptionConfig(&rbdVol.rbdImage)
if err != nil {
return nil, err
}
}
return buildCreateVolumeResponse(req, rbdVol), nil