From 9e28810cc57a5a38bc5793a7855ef34bd5e3120c Mon Sep 17 00:00:00 2001 From: Rajat Dhasmana Date: Wed, 24 Jul 2024 07:31:46 +0000 Subject: [PATCH] Do not set_acls if store is not associated to glance node In case of glance multiple stores (mostly for ceph) nova initiates copy-image functionality if image, from which the sever is being created, is not present in the referring ceph store. This can fail if image location which is already present in image but not available for that glance edge node. This scenario can only be reproducible with EDGE deployment. In order to fix this, if the store is defined on that glance node then only call set_acls method, else ignore it. Closes-Bug: #2073945 Change-Id: I0409982ae27b662e60dd2363ba2f7863d0722fea (cherry picked from commit ee7e96f06af741bb34bedac18fa2c4616fcc3905) (cherry picked from commit aec654ff2cbe75ef682eafa1d83906f18fd48c93) --- glance/location.py | 26 +++++++++++++++++-- .../notes/fix-set-acls-bc17b5e125425c9b.yaml | 7 +++++ 2 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml diff --git a/glance/location.py b/glance/location.py index cf05fcdb2d..60120717d8 100644 --- a/glance/location.py +++ b/glance/location.py @@ -63,8 +63,19 @@ class ImageRepoProxy(glance.domain.proxy.Repo): member_ids = [m.member_id for m in member_repo.list()] for location in image.locations: if CONF.enabled_backends: + # NOTE(whoami-rajat): Do not set_acls if store is not defined + # on this node. This is possible in case of edge deployment + # that image location is present but the actual store is + # not related to this node. + image_store = location['metadata'].get('store') + if image_store not in CONF.enabled_backends: + msg = (_("Store %s is not available on " + "this node, skipping `_set_acls` " + "call.") % image_store) + LOG.debug(msg) + continue self.store_api.set_acls_for_multi_store( - location['url'], location['metadata'].get('store'), + location['url'], image_store, public=public, read_tenants=member_ids, context=self.context ) @@ -655,8 +666,19 @@ class ImageMemberRepoProxy(glance.domain.proxy.Repo): member_ids = [m.member_id for m in self.repo.list()] for location in self.image.locations: if CONF.enabled_backends: + # NOTE(whoami-rajat): Do not set_acls if store is not + # defined on this node. This is possible in case of edge + # deployment that image location is present but the actual + # store is not related to this node. + image_store = location['metadata'].get('store') + if image_store not in CONF.enabled_backends: + msg = (_("Store %s is not available on " + "this node, skipping `_set_acls` " + "call.") % image_store) + LOG.debug(msg) + continue self.store_api.set_acls_for_multi_store( - location['url'], location['metadata'].get('store'), + location['url'], image_store, public=public, read_tenants=member_ids, context=self.context ) diff --git a/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml b/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml new file mode 100644 index 0000000000..15526cb9a7 --- /dev/null +++ b/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + `Bug #2073945 `_: + Fixed issue with VM creation in DCN cases with RBD backend where + an edge node doesn't have the store defined which is part of the + image locations and the operation fails.