From dbfc121072dff4981532b068bb210f9c73c7b98c Mon Sep 17 00:00:00 2001 From: Flavio Percoco Date: Sun, 8 May 2016 11:06:33 -0400 Subject: [PATCH] Deprecate `show_multiple_locations` option There are currently several ways to disable/enable multiple_locations. One is through a global config option (show_multiple_locations) and the other one is through a more granular RBAC using Glance's policies. Maintaining two different ways to configure, enable and/or disable a feature is painful for developers and operators. Given that we have a more granular way to manage this feature and that it's the preferred one given the provided ability to chose what each role can/cannot do, this patch proposes to remove the global config option. There have been concerns about this proposal mostly on the fact that it'll remove the ability to "turn off" the entire feature with a single option. This doesn't seem to be a strong enough motivation to warrant the effort of maintaining these 2 options. This patch marks the aforementioned option as deprecated. UpgradeImpact DocImpact Co-Authored-By: Flavio Percoco Co-Authored-By: Nikhil Komawar Lite-spec: https://review.openstack.org/360220 Change-Id: I1c5cb7834c2cf3295e10bad7fd07cfacb8e4ac50 --- glance/common/config.py | 11 +++++++- ...ow-multiple-location-9890a1e961def2f6.yaml | 26 +++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/deprecate-show-multiple-location-9890a1e961def2f6.yaml diff --git a/glance/common/config.py b/glance/common/config.py index e498b6a885..a4a89db76a 100644 --- a/glance/common/config.py +++ b/glance/common/config.py @@ -115,7 +115,16 @@ common_opts = [ 'in image properties. Revealing storage location can ' 'be a security risk, so use this setting with ' 'caution!')), - cfg.BoolOpt('show_multiple_locations', default=False, + # NOTE(flaper87): The policy.json file should be updated and the locaiton + # related rules set to admin only once this option is finally removed. + cfg.BoolOpt('show_multiple_locations', + default=False, deprecated_for_removal=True, + deprecated_reason=_('This option will be removed in the Ocata ' + 'release because the same functionality ' + 'can be achieved with greater granularity ' + 'by using policies. Please see the Newton ' + 'release notes for more information.'), + deprecated_since='Newton', help=_('Whether to include the backend image locations ' 'in image properties. ' 'For example, if using the file system store a URL of ' diff --git a/releasenotes/notes/deprecate-show-multiple-location-9890a1e961def2f6.yaml b/releasenotes/notes/deprecate-show-multiple-location-9890a1e961def2f6.yaml new file mode 100644 index 0000000000..1a5757d663 --- /dev/null +++ b/releasenotes/notes/deprecate-show-multiple-location-9890a1e961def2f6.yaml @@ -0,0 +1,26 @@ +--- +prelude: > + Deprecate the ``show_multiple_locations`` configuration + option in favor of the existing Role Based Access + Control (RBAC) for Image locations which uses + ``policy.json`` file to define the appropriate rules. + Maintaining two different ways to configure, enable + and/or disable a feature is painful for developers and + operators, so the less granular means of controlling + this feature will be eliminated in the **Ocata** + release. Please read upgrade section for more details. +upgrade: + - For the Newton release, this option will still be + honored. However, it is important to update + ``policy.json`` file for glance-api nodes. In + particular, please consider updating the policies + ``delete_image_location``, ``get_image_location`` and + ``set_image_location`` as per your requirements. As this + is an advanced option and prone to expose some risks, + please check the policies to ensure security and privacy + of your cloud. + - Future releases will ignore this option and just + follow the policy rules. It is recommended that this + option is disabled for public endpoints and is being + only used internally for service-to-service + communication.