[APIImpact] Add a new glance-download import method

Implements: blueprint glance-download-import

Change-Id: I46c8e5e6a04d97d6968f7586c2fbd661f3813ca0
This commit is contained in:
Pierre-Samuel Le Stang 2022-05-04 10:04:12 +02:00
parent aeb0fbf6f4
commit 2953c404f5
No known key found for this signature in database
GPG Key ID: 3B0ABBFED75C5307
1 changed files with 273 additions and 0 deletions

View File

@ -0,0 +1,273 @@
..
This work is licensed under a Creative Commons Attribution 3.0 Unported
License.
http://creativecommons.org/licenses/by/3.0/legalcode
=============================================================================
Add new import method to support downloading image from another glance/region
=============================================================================
https://blueprints.launchpad.net/glance/+spec/glance-download-import
This spec describe a new import method called glance-download that implements a
glance to glance download in a multi-region cloud with a federated Keystone.
Problem description
===================
When dealing with a multi-region cloud it often appears that operators or
customers need to copy images from a region to another, for example:
* Copy all your public images between your regions (operator)
* Copy instance snapshot in another region to have a backup (user)
* Build your base application image from a factory in one region, then
propagate it to multiple regions (user)
We can't rely on the "copy-image" import method to copy an image from a
backend to another because it requires the same glance endpoint in the same
region which is not our use-case here.
The only way we have to do it now is to locally download the image data and
upload it elsewhere, which requires some orchestration, and is a huge disk
space and bandwidth loss.
Proposed change
===============
Implement an internal plugin called glance-download based on the existing
internal plugin web-download that will import an image stored on a remote
glance. The web-download workflow will remain unchanged, the only difference
is to retrieve the downloadable data from an other glance endpoint instead of
from an arbitrary URL.
We should note several things:
* To authenticate on the remote glance we propose to use the context token
of the call, so it will require a federated Keystone environment between
the two Glance.
* The creation of the image must be handled by the end user as for the
web-download plugin meaning that it is the responsibility of the user to
take care of disk format, container format and metadata of the newly
created image.
If necessary, the plugin will update the container_format and disk_format
to match what is set on source glance.
* The plugin will come with an extra task in the taskflow that will be in
charge of setting the container_format and disk_format to be the same as it
is on the source glance. It will also copy some extra properties defined in
the extra_properties_prefixes option of glance_download_properties section.
The default extra_properties_prefixes values are 'hw\_', 'trait:', 'os_distro',
'os_secure_boot' and 'os_type' which are needed to ensure an instance can boot
on the image. An operator will be able to remove or add other extra
properties by modifying this configuration variable.
This extra_properties_prefixes is a list of prefixes, meaning that all the
metadata that are starting with a prefix belonging to that list will be
copied.
.. code-block:: ini
[glance_download_properties]
extra_properties_prefixes = [
'hw_',
'trait:',
'os_distro',
'os_secure_boot',
'os_type'
]
..
* If metadata injection is configured on the target glance it will override
the metadata as the injection is run after the import.
Alternatives
------------
We could imagine a take out alternative where the owner of the image in the
source cloud generates a limited-use tokenized URL that allows access to the
image without any keystone auth. Such solution is more risky as we do not
have any authentication mechanism to access the remote image. It will also
require rewriting the code as there is no existing source.
This would also require developing a mechanism to manage creation and
expiration of the temporary urls which would result in a more complex solution
that requires more time to develop, document and test.
Data model impact
-----------------
None
REST API impact
---------------
Modification of existing API resource
* Resource **/v2/images/<image id>/import**
* Method: **POST**
* Common response code:
* *201*: import job queued
* *400*: bad request with details
* *401*: Unauthorized
* *403*: Forbidden
* JSON body definition
.. code-block:: javascript
"method": {
"name": {
"description": "Name of the method used, here is glance-download",
"type": "string"
},
"glance_image_id": {
"description": "The image id to download on remote glance",
"type": "string"
},
"glance_region": {
"description": "The region name of remote glance",
"type": "string"
},
"glance_service_interface": {
"decription": "The interface of remote glance, default to 'public'",
"type": "string"
}
}
..
Example:
.. code-block:: javascript
"method": {
"name": "glance-download",
"glance_image_id": "02ea04ba-72b3-4687-810d-8ba10c991a97",
"glance_region": "REGION1",
"glance_service_interface": "admin"
}
..
Security impact
---------------
We use the token of the request to authenticate on remote glance. As we are in
multi-region context with a federated keystone, there is no security impact.
Notifications impact
--------------------
None
Other end user impact
---------------------
Users will have a new import mechanism open to them, after updating their
client
Performance Impact
------------------
None
Other deployer impact
---------------------
None
Developer impact
----------------
None
Implementation
==============
Assignee(s)
-----------
Primary assignee:
pslestang
Other contributors:
alistarle
Work Items
----------
* glance:
* Create a base download class that will be inherited by web-download and
glance-download
* Patch the web-download class to inherit from base download class
* Write the glance-download class
* Patch the api image import to support the glance-download method
* Add in task flow a class in charge of:
* setting the correct container_format and disk_format
* copying the metadatas defined in extra_properties option of the
glance_download_properties section. Default list must be
['hw\_', 'trait:', 'os_distro', 'os_secure_boot', 'os_type']
* The class has to be added to taskflow as a normal task to be reusable if
needed. We only have to check for input parameters to know if it can be
run or not.
* Add the glance-download internal plugin in setup
* write unit/functional tests
* update documentation
* glance and openstack client
* add support for glance-download method
* update documentation
Dependencies
============
None
Testing
=======
* Unit and functional tests in Glance
* Tempest tests. Testing glance-download plugin with the g-api-r separate
endpoint looks good even if it shares the same database to validate the
workflow.
Documentation Impact
====================
The documentation needs to be updated to identify this new import method
References
==========
* https://review.opendev.org/c/openstack/glance/+/840318