diff options
| author | Michael Still <mikal@stillhq.com> | 2018-03-20 17:24:52 +1100 |
|---|---|---|
| committer | Matt Riedemann <mriedem.os@gmail.com> | 2018-05-15 10:09:01 -0400 |
| commit | e38caa2de0c4ac1762822286a4075c593d3eefb2 (patch) | |
| tree | f5ac813768228df4c54c2b6dac9f811dc093e745 /nova/virt/images.py | |
| parent | 7e2f459032e842cd7cd53622c9fdd3056480789a (diff) | |
| download | nova-e38caa2de0c4ac1762822286a4075c593d3eefb2.tar.gz | |
Move image conversion to privsep.
Following a similar pattern to previous changes, move calls to
qemu-img to convert between image formats to use privsep.
Change-Id: I2c3df909a783e1480d3ab4ca10b34b84ac9e4b5f
blueprint: hurrah-for-privsep
Diffstat (limited to 'nova/virt/images.py')
| -rw-r--r-- | nova/virt/images.py | 31 |
1 files changed, 8 insertions, 23 deletions
diff --git a/nova/virt/images.py b/nova/virt/images.py index dfd415052d..01bcb4d64c 100644 --- a/nova/virt/images.py +++ b/nova/virt/images.py @@ -32,6 +32,7 @@ import nova.conf from nova import exception from nova.i18n import _ from nova import image +import nova.privsep.qemu from nova import utils LOG = logging.getLogger(__name__) @@ -116,30 +117,14 @@ def convert_image_unsafe(source, dest, out_format, run_as_root=False): def _convert_image(source, dest, in_format, out_format, run_as_root): - # NOTE(mdbooth): qemu-img convert defaults to cache=unsafe, which means - # that data is not synced to disk at completion. We explicitly use - # cache=none here to (1) ensure that we don't interfere with other - # applications using the host's io cache, and (2) ensure that the data is - # on persistent storage when the command exits. Without (2), a host crash - # may leave a corrupt image in the image cache, which Nova cannot recover - # automatically. - # NOTE(zigo): we cannot use -t none if the instances dir is mounted on a - # filesystem that doesn't have support for O_DIRECT, which is the case - # for example with tmpfs. This simply crashes "openstack server create" - # in environments like live distributions. In such case, the best choice - # is writethrough, which is power-failure safe, but still faster than - # writeback. - if utils.supports_direct_io(CONF.instances_path): - cache_mode = 'none' - else: - cache_mode = 'writethrough' - cmd = ('qemu-img', 'convert', '-t', cache_mode, '-O', out_format) - - if in_format is not None: - cmd = cmd + ('-f', in_format) - cmd = cmd + (source, dest) try: - utils.execute(*cmd, run_as_root=run_as_root) + if not run_as_root: + nova.privsep.qemu.unprivileged_convert_image( + source, dest, in_format, out_format, CONF.instances_path) + else: + nova.privsep.qemu.convert_image( + source, dest, in_format, out_format, CONF.instances_path) + except processutils.ProcessExecutionError as exp: msg = (_("Unable to convert image to %(format)s: %(exp)s") % {'format': out_format, 'exp': exp}) |