Made provision to read global glance-api.conf file by
cache-pruner, cache-cleaner command line utility tools
to make those compatible with centralized_db cache driver.
Related blueprint centralized-cache-db
Change-Id: I88d28dd086b6b57bedd9eda73534fa3e05dc8cc6
As per the revised SRBAC community goals, glance service is now
switching to new defaults by default hence removing the deprecated
``enforce_secure_rbac`` option which is no longer needed.
The ``enforce_secure_rbac`` option was introduced EXPERIMENTAL in
Wallaby release for operators to opt into enforcing authorization
based on common RBAC personas.
Related blueprint secure-rbac
Change-Id: I273527c85d30c1c09c086c73c892aaa6d127df6b
This does two things:
1. It makes us check that the QCOW backing_file is unset on those
types of images. Nova and Cinder do this already to prevent an
arbitrary (and trivial to accomplish) host file exposure exploit.
2. It makes us restrict VMDK files to only allowed subtypes. These
files can name arbitrary files on disk as extents, providing the
same sort of attack. Default that list to just the types we believe
are actually useful for openstack, and which are monolithic.
The configuration option to specify allowed subtypes is added in
glance's config and not in the import options so that we can extend
this check later to image ingest. The format_inspector can tell us
what the type and subtype is, and we could reject those images early
and even in the case where image_conversion is not enabled.
Closes-Bug: #1996188
Change-Id: Idf561f6306cebf756c787d8eefdc452ce44bd5e0
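The two checks described in the commit message above, sketched as an added example (not code from the glance change itself). It screens records shaped like `qemu-img info --output=json` output; the allow-list values, function names and sample records are assumptions constructed for illustration.

```python
import json

# Assumed allow-list for this example; the real list comes from glance's config.
ALLOWED_VMDK_SUBTYPES = frozenset({"streamOptimized", "monolithicSparse"})

# Constructed records in the shape of `qemu-img info --output=json` output.
SAMPLES = json.loads("""
{
  "clean.qcow2":   {"format": "qcow2", "virtual-size": 1073741824},
  "chained.qcow2": {"format": "qcow2", "virtual-size": 1073741824,
                    "backing-filename": "/constructed/host/file"},
  "stream.vmdk":   {"format": "vmdk", "format-specific":
                    {"type": "vmdk", "data": {"create-type": "streamOptimized"}}},
  "flat.vmdk":     {"format": "vmdk", "format-specific":
                    {"type": "vmdk", "data": {"create-type": "monolithicFlat"}}},
  "opaque.vmdk":   {"format": "vmdk"}
}
""")


def rejection_reasons(info, allowed_vmdk=ALLOWED_VMDK_SUBTYPES):
    """Return why an image must be refused before conversion ([] = acceptable)."""
    reasons = []
    # Check 1: a backing file would make the converter read another file on the
    # host, so any backing reference is refused (applied here to every format).
    if info.get("backing-filename") or info.get("full-backing-filename"):
        reasons.append("backing file is set")
    # Check 2: VMDK extents can name files on disk, so only allow-listed
    # subtypes pass, and a missing subtype fails closed.
    if info.get("format") == "vmdk":
        data = (info.get("format-specific") or {}).get("data") or {}
        subtype = data.get("create-type")
        if subtype is None:
            reasons.append("VMDK subtype could not be determined")
        elif subtype not in allowed_vmdk:
            reasons.append("VMDK subtype %r is not allowed" % subtype)
    return reasons


def screen(samples=SAMPLES):
    """Map each image name to its list of rejection reasons."""
    return {name: rejection_reasons(info) for name, info in samples.items()}


if __name__ == "__main__":
    for name, reasons in screen().items():
        print(name, "REJECT: " + "; ".join(reasons) if reasons else "ok")
```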
As 'glance-download' requires federated deployments it should
not be enabled by default.
Added line explaining it being available for such deployments
in the config help text.
Change-Id: Icc792e23aad9e7a9a788e6b5826bc5aae54ae978
Add a new import method called glance-download
that implements a glance to glance download in
a multi-region cloud with a federated Keystone.
This method will copy the image data and
selected metadata to the target glance, checking
that the downloaded size matches the "size" image
attribute in the source glance.
Implements: blueprint glance-download-import
Co-Authored-By: Victor Coutellier <victor.coutellier@gmail.com>
Change-Id: Ic51c5fd87caf04d38aeaf758ad2d0e2f28098e4d
The default value is being set too early. We don't want to use
the value of sys.executable at the time the config is generated,
because that's unlikely to map to an existing interpreter in an
actual deployment.
Change-Id: Ic40f582f83e04c6915a3fcb231d6d95ca071c100
Closes-bug: #1962581
This adds some infrastructure to be able to query and honor limits
declared in keystone. It adds a single initial quota value for the
total size of all active images for bootstrapping the tests.
Checking these values is controlled by a new configuration option
that globally enables and disables the checking, defaulting to
False.
Related to blueprint glance-unified-quotas
Change-Id: I8d8f4aaed465486e80be85bc9a5d2c2be7f1ecad
This implements distributed image import support, which addresses
the problem when one API worker has staged the image and another
receives the import request.
The general approach is that when a worker stages the image, it
records its self-reference URL in the image's extra_properties. When
the import request comes in, any other host will proxy that HTTP
request direct to the original host instead of trying to do the import
itself.
Implements: blueprint distributed-image-import
Change-Id: I12daccb43c535b579c22f9d0742039b2ab42e929
This informs operators of glance's support status for secure RBAC as of
the Wallaby release. Eventually, this message will be removed when
glance adopts more support for secure RBAC personas.
This also forces glance to fail if it's configured improperly. This is
done to explicitly prevent ambiguity with authoritative decisions.
Related: blueprint secure-rbac
Change-Id: I06293de08dd3fdfbd60b9a65501d1198f40ff434
As per the community goal of migrating the policy file
format from JSON to YAML [1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file'
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also convert the ./glance/tests/etc/policy.json to policy.yaml
file. Replace policy.json to policy.yaml ref from doc and tests.
[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Depends-On: https://review.opendev.org/c/openstack/nova/+/773192
Change-Id: I17d0374dd4223688e5f95253802a4ae87377953a
The image conversion plugin does a processutils exec(), which needs
to spawn python for prlimit support. Under uwsgi, sys.executable
points to uwsgi itself, which won't work in this case. This introduces
a [wsgi]/python_interpreter config option (because I don't think
there is any way to get this from uwsgi itself) which we use for
the exec. By default, it's sys.executable, which is what is used
right now so nobody should notice a change unless they need it.
Note: Making this depend on the devstack change to remove the wsgi
import restriction so we can get a test on it.
Partial-Bug: #1888713
Change-Id: I7cb2e135d6ea2cb21de55060df3f7bf40b3e64b6
This teaches glance-api how to do async threading things when it is
running in pure-WSGI mode. In order to do that, a refactoring of things
that currently depend on eventlet is required.
It adds a [wsgi]/task_pool_threads configuration knob, which is used
in the case of pure-WSGI and native threads to constrain the number
of threads in that pool (and thus the task parallelism). This will
allow tuning by the operator, but also lets us default that to just
a single thread in the backport of these fixes so that we can avoid
introducing a new larger footprint in the backport unexpectedly.
Partial-Bug: #1888713
Depends-On: https://review.opendev.org/#/c/742047/
Change-Id: Ie15028b75fb8518ec2b0c0c0386d21782166f759
This patch removes the majority of the registry and its related
endpoints and config options that have been deprecated for
removal in various releases.
Change-Id: I75014bd50bf382efebe56bd89c20ffefbdde25f5
Added new import method 'copy-image' which will copy existing image into
specified list of stores. Introduced additional task which will serve
as internal plugin which will allow copying existing image into staging
area and then this data will be uploaded to specified stores via regular
import flow.
NOTE: This new import method 'copy-image' is only supported if multiple
stores are enabled in deployment.
APIImpact
Implements: blueprint copy-existing-image
Change-Id: I13eaab7ab013f44ce18465bdbdbe8052942570ff
This patch introduced double registering of the same
config option groups which fails glance-api start
if reserved stores are actually defined.
The code utilizing these config options has not been
merged which prevented testing to catch this.
Closes-Bug: #1844108
This reverts commit 4265e61bc8.
Change-Id: Iaf338d29673e68a15d37fdda81add552e4175634
The deprecation messages of node_staging_uri and work_dir
were claiming that local directory is not needed after moving
to multistore. This is not exactly true and gave false
expectations of the current capabilities.
For now only the way to configure those needed folders and
how they are internally accessed is changing.
This change corrects the deprecation message to reflect
current state.
Change-Id: I39c170903c64181841a22c7b9bdaa3b5a1346caa
Closes-Bug: #1843891
This patch is purposed to support a new container_format
so that we can do image compression when uploading a volume
to glance and decompression when downloading an image from
glance.
This patch includes:
1. A new container_format option: 'compressed'.
2. Unit test for new option.
DocImpact
Implements: blueprint leverage-compression-accelerator
Depends-On: https://review.opendev.org/#/c/670454/
Change-Id: I62159315346e99522740383dd4bb5d2cc0ee368d
Since we know the names of the reserved stores, we can add them
to the config file to make it easier for operators to configure
these things.
Includes deprecation of the 'work_dir' and 'node_staging_uri'
options.
Change-Id: I992cf468f9ce156ba51b1dd025459939acd8dce0
This change removes one " that has been inserted by mistake.
Depending on the editor in use this additional " confuses
syntax highlighting issues otherwise.
Change-Id: I6838d6b131bb6861084f9fde77b2756d6a4ec787
Update logged text to indicate our intentions with respect
to the show_multiple_locations configuration option, which
has been deprecated since Newton and advertised as subject
to removal in Pike. Also correct the misleading impression
in the deprecation notice and earlier release notes that
functionality that requires show_multiple_locations = True
can be configured via policies at the current time. Also
adds a release note to this effect.
Change-Id: I5bf0c8af9dfe87e0d17f7a16d4676f387b4379f6
Closes-bug: #1808375
Fix the typo in the help text for the hashing_algorithm configuration
option introduced in Rocky for the multihash implementation.
Change-Id: I709631666895b4de49290178eaa5968ea0ae2e2f
This change removes option to configure Images API v1
This change removes Images API v1 endpoints from the router
This change removes all v1 tests
This change removes the v1 dependent glance-cache-manage command
This change does not remove all v1 codebase. Further cleanup and
decoupling will be needed.
Change-Id: Ia086230cc8c92f7b7dfd5b001923110d5bc55d4d
This change adds 'web-download' Image Import method.
Changes discovery call returning actual enabled methods rather than
hardcoded value.
Change-Id: I3960d07cfa4e1be391f7a164147611724788d83e
The documentation references the section DEFUALT
instead of DEFAULT. As this is most likely a
spelling error which will cause confusion, it is
better if we fix it.
This patch corrects the config option information
and includes an updated set of sample config files
generated from the current code including the fix.
Change-Id: If3c5e334aa1fa2ff5a28f52c00330d42cb9bcf9d
With the original method _get_deployment_config_file() in config.py,
if the option config_file is specified in glance-api.conf, and the
command 'glance-api' is run under a directory, the method load_paste_app()
will throw an IOError, but the IOError is not caught. The same
error will happen with 'glance-registry'.
The reason for this IOError is that the code "os.path.abspath(path)" in
_get_deployment_config_file() will return a value
'{cur_dir}/glance-api-paste.ini', but the 'glance-api-paste.ini' does
not exist under {cur_dir}. Such as running the command under /opt, but
the 'glance-api-paste.ini' does not exist under /opt.
This patch modifies one line of code in method _get_paste_config_path()
for solving the IOError. At the same time, it provides one test case.
Change-Id: I970c1acb073700b15e153dd08c9ec14d20f0e83d
Closes-Bug: 1712226
Help text for enable_image_import refers to [TASKS] whereas the
related option group is named [task]. This patch corrects the
text so that operators don't add config for a group that doesn't
exist and then wonder why it's not having any effect.
Change-Id: Icd79be4eb9d363e70955dbe208aba8564cf21e8e
In the files common/wsgi.py and common/config.py, the unused import
still exists. This patch is to remove the redundant code.
Change-Id: I7869121a2fc11b44f81b03adfd9b5807e8d08ce7
This change addresses the comments on the help text wording
that were postponed to avoid continuous rebasing of the whole
change chain.
Change-Id: I483c56fe5450c51a86cef47cc3fcef80afb9f5c2
The node_staging_uri will be used for the API logic saving the data
user uploads to the new staging endpoint and async flow to pick it
from there when processing the rest of the workflow.
For the first iteration, only FS path is allowed and supported.
URI format used to provide future expansion for possibility to use
different shared backends between the nodes. The location access must
be shared between the nodes.
The enable_image_import config option is introduced as deprecated and
is only there to ensure smooth upgrades. Having it disabled per default
in Pike allows glance-api to start and operate with Newton config
files and the new feature disabled.
From Queens onwards 'node_staging_uri' option must be configured for full
operation of glance-api as the enable_image_import will default to True.
At this point the 'enable_image_import' option will become redundant
and can be removed on R.
Change-Id: Ie5ab21ec3f9c880fa042dcc68865c1fceb9463ec
Probably the most common format for documenting arguments is reST field
lists [1]. This change updates some docstrings to comply with the field
lists syntax.
[1] http://sphinx-doc.org/domains.html#info-field-lists
Change-Id: I0300dbac6dc02681cec2725b3c44a7dd1bfd7b4e
Some configuration options were accepting both IP addresses
and hostnames. Since there was no specific OSLO opt type to
support this, we were using ``StrOpt``. The change [1] that
added support for ``HostAddressOpt`` type was merged in Ocata
and became available for use with oslo version 3.22.
This patch changes the opt type of configuration options to use
this more relevant opt type - HostAddressOpt.
[1] I77bdb64b7e6e56ce761d76696bc4448a9bd325eb
Change-Id: I06e8cff035ecfaa651e215d7b18de5abc3a273c3
This option will be mentioned in an upcoming OSSN. I think it will
be confusing to operators if the option is removed now, and it will
also be confusing if the text says "will be removed in the Ocata
release". This patch changes the text to say "will be removed in
the Pike release or later".
Corresponding release note has been added.
Co-Authored-By: Brian Rosmaita <brian.rosmaita@rackspace.com>
Co-Authored-By: Nikhil Komawar <nik.komawar@gmail.com>
Change-Id: Ib599afaee8f48f141be125a4016aece1e40e36cf