Merge "libvirt: Remove MIN_{QEMU,LIBVIRT}_LUKS_VERSION"

Zuul · openstack-gerrit · commit 713288286f3b · 2019-07-05T18:25:05.000Z
diff --git a/nova/tests/unit/virt/libvirt/test_driver.py b/nova/tests/unit/virt/libvirt/test_driver.py
@@ -8566,7 +8566,7 @@ def test_detach_encryptor_native_luks_device_path_secret_missing(self,
     @mock.patch.object(host.Host, "has_min_version")
     def test_use_native_luks(self, mock_has_min_version):
         drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
-        # True only when the required QEMU and Libvirt versions are available
+        # The required QEMU and Libvirt versions are always available
         # on the host and a valid LUKS provider is present within the
         # encryption metadata dict.
         mock_has_min_version.return_value = True
@@ -8585,24 +8585,6 @@ def test_use_native_luks(self, mock_has_min_version):
         self.assertTrue(drvr._use_native_luks({
             'provider': encryptors.LUKS}))
 
-        # Always False when the required QEMU and Libvirt versions are not
-        # available on the host.
-        mock_has_min_version.return_value = False
-        self.assertFalse(drvr._use_native_luks({}))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': 'nova.volume.encryptors.cryptsetup.CryptSetupEncryptor'
-        }))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': 'CryptSetupEncryptor'}))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': encryptors.PLAIN}))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': 'nova.volume.encryptors.luks.LuksEncryptor'}))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': 'LuksEncryptor'}))
-        self.assertFalse(drvr._use_native_luks({
-            'provider': encryptors.LUKS}))
-
     def test_multi_nic(self):
         network_info = _fake_network_info(self, 2)
         drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
@@ -12083,13 +12065,6 @@ def test_pre_live_migration_only_dest_supports_native_luks(self):
                 src_supports_native_luks=None, dest_supports_native_luks=True,
                 allow_native_luks=False)
 
-    def test_pre_live_migration_only_src_supports_native_luks(self):
-        # Assert that allow_native_luks is False when dest_supports_native_luks
-        # is False due to unmet QEMU and Libvirt deps on the dest compute.
-        self._test_pre_live_migration_works_correctly_mocked(
-                src_supports_native_luks=True, dest_supports_native_luks=False,
-                allow_native_luks=False)
-
     @mock.patch.object(libvirt_driver.LibvirtDriver, 'plug_vifs')
     @mock.patch.object(libvirt_driver.LibvirtDriver, '_connect_volume')
     @mock.patch('nova.virt.libvirt.utils.file_open',
@@ -12145,9 +12120,6 @@ def fixed_ips(self):
         self.stub_out('nova.virt.libvirt.driver.LibvirtDriver.'
                       '_create_images_and_backing',
                       lambda *args, **kwargs: None)
-        self.stub_out('nova.virt.libvirt.driver.LibvirtDriver.'
-                      '_is_native_luks_available',
-                      lambda self: dest_supports_native_luks)
 
         nw_info = FakeNetworkInfo()
 
@@ -12309,14 +12281,12 @@ def _test_pre_live_migration_volume_backed(self, encrypted_volumes=False):
 
         drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), False)
         with test.nested(
-            mock.patch.object(drvr, '_is_native_luks_available'),
             mock.patch.object(drvr._host, 'find_secret'),
             mock.patch.object(drvr, '_connect_volume'),
             mock.patch.object(drvr, 'plug_vifs'),
-        ) as (mock_is_luks_available, mock_find_secret,
-              mock_connect_volume, mock_plug_vifs):
+        ) as (mock_find_secret, mock_connect_volume,
+              mock_plug_vifs):
 
-            mock_is_luks_available.return_value = True
             mock_find_secret.return_value = None
             if encrypted_volumes:
                 secret_vol1 = mock.Mock()
diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py
@@ -270,9 +270,6 @@ def repr_method(self):
 # for details.
 MIN_LIBVIRT_MULTIATTACH = (3, 10, 0)
 
-MIN_LIBVIRT_LUKS_VERSION = (2, 2, 0)
-MIN_QEMU_LUKS_VERSION = (2, 6, 0)
-
 MIN_LIBVIRT_FILE_BACKED_VERSION = (4, 0, 0)
 MIN_QEMU_FILE_BACKED_VERSION = (2, 6, 0)
 
@@ -764,10 +761,6 @@ def _handle_native_tls(self, migration_flags):
             migration_flags |= libvirt.VIR_MIGRATE_TLS
         return migration_flags
 
-    def _is_native_luks_available(self):
-        return self._host.has_min_version(MIN_LIBVIRT_LUKS_VERSION,
-                                          MIN_QEMU_LUKS_VERSION)
-
     def _handle_live_migration_post_copy(self, migration_flags):
         if CONF.libvirt.live_migration_permit_post_copy:
             migration_flags |= libvirt.VIR_MIGRATE_POSTCOPY
@@ -1421,14 +1414,14 @@ def _extend_volume(self, connection_info, instance, requested_size):
                                         requested_size)
 
     def _use_native_luks(self, encryption=None):
-        """Is LUKS the required provider and native QEMU LUKS available
+        """Check if LUKS is the required 'provider'
         """
         provider = None
         if encryption:
             provider = encryption.get('provider', None)
         if provider in encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP:
             provider = encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP[provider]
-        return provider == encryptors.LUKS and self._is_native_luks_available()
+        return provider == encryptors.LUKS
 
     def _get_volume_config(self, connection_info, disk_info):
         vol_driver = self._get_volume_driver(connection_info)
@@ -8394,10 +8387,8 @@ def pre_live_migration(self, context, instance, block_device_info,
             src_native_luks = False
             if migrate_data.obj_attr_is_set('src_supports_native_luks'):
                 src_native_luks = migrate_data.src_supports_native_luks
-            dest_native_luks = self._is_native_luks_available()
-            allow_native_luks = src_native_luks and dest_native_luks
             self._connect_volume(context, connection_info, instance,
-                                 allow_native_luks=allow_native_luks)
+                                 allow_native_luks=src_native_luks)
 
         self._pre_live_migration_plug_vifs(
             instance, network_info, migrate_data)
