您好,登錄后才能下訂單哦!
前面有篇《nova boot from volume代碼分析》http://iceyao.blog.51cto.com/9426658/1770927,今天這里看下針對nova boot from volume無法注入密碼的簡單hack。
nova/virt/libvirt/driver.py中_inject_data函數(shù)部分代碼
if any((key, net, metadata, admin_pass, files)): injection_p_w_picpath = self.p_w_picpath_backend.p_w_picpath( instance, 'disk' + suffix, p_w_picpath_type) img_id = instance.p_w_picpath_ref if not injection_p_w_picpath.check_p_w_picpath_exists(): LOG.warn(_LW('Image %s not found on disk storage. ' 'Continue without injecting data'), injection_p_w_picpath.path, instance=instance) return
其實(shí)主要問題是,nova boot from rbd volume的時候,虛擬機(jī)的系統(tǒng)盤是在云硬盤那里的,所以必須先定位云硬盤的位置,才可以注入密碼。默認(rèn)情況下boot from p_w_picpath,系統(tǒng)盤名字是<instance-uuid>_disk,boot from volume名字是volume-<volume-uuid>。
nova/virt/libvirt/p_w_picpathbackend.py
class Rbd(Image): SUPPORTS_CLONE = True def __init__(self, instance=None, disk_name=None, path=None, **kwargs): super(Rbd, self).__init__("block", "rbd", is_block_dev=False) if path: try: self.rbd_name = path.split('/')[1] except IndexError: raise exception.InvalidDevicePath(path=path) else: self.rbd_name = '%s_%s' % (instance.uuid, disk_name) if not CONF.libvirt.p_w_picpaths_rbd_pool: raise RuntimeError(_('You should specify' ' p_w_picpaths_rbd_pool' ' flag to use rbd p_w_picpaths.')) self.pool = CONF.libvirt.p_w_picpaths_rbd_pool self.discard_mode = CONF.libvirt.hw_disk_discard self.rbd_user = CONF.libvirt.rbd_user self.ceph_conf = CONF.libvirt.p_w_picpaths_rbd_ceph_conf # 這里的判斷邏輯不是很嚴(yán)謹(jǐn),純碎演示 if not instance.p_w_picpath_ref: context = nova_context.get_admin_context() # 獲取bdms bdms = ( objects.BlockDeviceMappingList.get_by_instance_uuid( context, instance.uuid)) connection_info = jsonutils.loads(bdms[0].connection_info) # 獲得系統(tǒng)盤volume-id,cinder rbd pool self.rbd_name = connection_info['data']['name'].split('/')[1] self.pool = connection_info['data']['name'].split('/')[0]
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報,并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。