Cinder client does not do sanity check on quota-update

Solution In Progress - Updated -

Issue

  • Typing invalid value under argument in quota-show CLI does not generate an error message
  • The issue is that the CLI client does not do a sanity check to verify that the "tenant_id" that is supplied is a valid tenant ID.
  • In the excerpt from mysql, there are 4 "project_id"s demo, 087094720db94dd4bf6d0b24975b986d 14d3e5a9d6ea45c9a675de6b756bae26 and sfdr.
  • You can do a quota-update with anything as the tenant_id and it will update the DB. an example is below, tenant_id blah is invalid.
[root@sfisvlnwh001 ~(keystone_admin)]# cinder quota-update --snapshot 11 blah
+-----------+-------+
|  Property | Value |
+-----------+-------+
| gigabytes |  1000 |
| snapshots |   11  |
|  volumes  |   10  |
+-----------+-------+
[root@sfisvlnwh001 ~(keystone_admin)]# keystone tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| e16e2ac10ed24bf7a248571237a502aa |  admin   |   True  |
| 087094720db94dd4bf6d0b24975b986d |   demo   |   True  |
| 5dd62c2fb016479fa0e5cf81ba920f8e | services |   True  |
| 14d3e5a9d6ea45c9a675de6b756bae26 |   sfdr   |   True  |
+----------------------------------+----------+---------+
  • As you can see it update the quota table with blah, even though blah does not exist.
MariaDB [cinder]> select * from quotas;
+----+---------------------+---------------------+------------+---------+----------------------------------+-----------+------------+
| id | created_at          | updated_at          | deleted_at | deleted | project_id                       | resource  | hard_limit |
+----+---------------------+---------------------+------------+---------+----------------------------------+-----------+------------+
|  2 | 2016-03-02 17:28:36 | 2016-03-04 14:00:55 | NULL       |       0 | demo                             | gigabytes |      10000 |
|  5 | 2016-03-02 17:28:36 | 2016-03-02 18:12:44 | NULL       |       0 | demo                             | volumes   |        100 |
|  8 | 2016-03-02 19:15:06 | NULL                | NULL       |       0 | demo                             | snapshots |         10 |
| 11 | 2016-03-02 19:46:43 | 2016-03-04 14:17:24 | NULL       |       0 | 087094720db94dd4bf6d0b24975b986d | gigabytes |      10000 |
| 14 | 2016-03-03 19:29:13 | 2016-03-04 14:16:37 | NULL       |       0 | 14d3e5a9d6ea45c9a675de6b756bae26 | gigabytes |      10000 |
| 17 | 2016-03-03 19:29:13 | NULL                | NULL       |       0 | 14d3e5a9d6ea45c9a675de6b756bae26 | snapshots |         10 |
| 20 | 2016-03-03 19:29:13 | NULL                | NULL       |       0 | 14d3e5a9d6ea45c9a675de6b756bae26 | volumes   |         10 |
| 23 | 2016-03-03 19:54:50 | NULL                | NULL       |       0 | sfdr                             | gigabytes |      10000 |
| 26 | 2016-03-03 19:54:50 | NULL                | NULL       |       0 | sfdr                             | volumes   |        100 |
| 29 | 2016-03-03 19:55:05 | NULL                | NULL       |       0 | sfdr                             | snapshots |        100 |
| 32 | 2016-03-04 16:03:16 | NULL                | NULL       |       0 | blah                             | snapshots |         11 |
+----+---------------------+---------------------+------------+---------+----------------------------------+-----------+----------

Environment

  • Red Hat OpenStack 6.0 , 7.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content