This change replaces the existing boolean 'is_public' column for
the 'images' table with enum 'visibility' column featuring the
four explicit visibility values - public, private, shared,
and community.
This change also implements and enables all backend code to
utilize the new values.
Co-Authored-By: Timothy Symanczyk <timothy_symanczyk@symantec.com>
Co-Authored-By: Dharini Chandrasekar <dharini.chandrasekar@intel.com>
Implements: blueprint community-level-v2-image-sharing
Closes-Bug: #1394299
Closes-Bug: #1452443
Depends-On: I6e3268f3712cbc0aadb51d204c694023b92d55a5
Change-Id: I94bc7708b291ce37319539e27b3e88c9a17e1a9f
In preparation for the last Ocata beta milestone, let's update our
configuration files. This will also allow for other folks who are
updating config files to create much smaller diffs.
Change-Id: Id644879bb9e93a291c7935eaeacf664bbf46efc2
Virtuozzo hypervisor reports itself as 'vz' hypervisor, and it
was supported as libvirt virt type since Kilo. Let's expand
image metadata so that it will possible to filter out compute nodes,
which don't support images requiring hypervisor_type=vz
Lite-Spec-Id: I6ba0fcf670aecddde95cfdc6850cdb751dec2058
Change-Id: I51afacf83655107a6c4e4c226623fa360bdafca2
Nova has supported this image property for awhile so let's
document it in the glance metadef registry.
DocImpact: Need to update 'Image service property keys' doc
in the CLI reference:
http://docs.openstack.org/cli-reference/glance-property-keys.html
Change-Id: I7c77fb13f20b59ad764070d14dc98a46f8b7c823
There's a bug in glance_store ( bug 1619487 ) that results in a
reordering of the store related configurations everytime the tool to
autogenerate configs is used.
This commit generates the Newton config in the deterministic way by
using the suggested solution described on the bug.
For more information and background discussions see change
Iea2c538b37182191445cc5c1f8b2d9dceed06343
Related-Change: I3146b8597a5d89da49b84d6653edacc3067c2c71
Change-Id: Idbea98865ccfc14563ab4357764383e1e7021542
During the release many config options are changed or updated. The
sample config files provided in tree (under etc/*) need to be updated
using the autogeneration tool as these files are being used in different
places. Some examples are devstack gates, downstream packagers shipping
with the same (or using defaults from these files), etc.
Hence, before we cut a release we need to refresh the config files
shipped with tree to match the changes done in the source code during
the release cycle.
This commit is intended to refresh the entire set of config files for
Newton. They include:
* glance api and registry related configs
* scrubber, cache and manage utilities' configs
* any other configs coming from downstream like oslo libraries,
glance_store, etc.
* belonging to affiliated code base like glare.
Change-Id: Iea2c538b37182191445cc5c1f8b2d9dceed06343
Co-Authored-By: Nikhil Komawar <nik.komawar@gmail.com>
Co-Authored-By: Hemanth Makkapati <hemanth.makkapati@rackspace.com>
CPU pinning policy is defined, but CPU thread pinning policy is not.
Resolve this.
UpgradeImpact
Change-Id: Ie3027a9ee92ac272b6c9a07926aa529d72187d00
Closes-bug: #1612341
Change IDs I123be151fdda8037e62ba21600e63c45fdc90c8d and
Ie332236d6e11e0cb63114bc1c68c3a8691f1f1ae fix adding some missing config
options to be included as a part of the sample configs. We need to
refresh the configs to include those to be part of the latest sample
set. This commit refreshes some of the config for that purpose.
This change has been inspired while writing release notes here
If0b8b731c2a1a1c41fc612d506c350073d832efa . It was observed that the
bugs mentioned missing config opts in the sample files and have been
marked fixed. However, in order to make the release notes consistent
with that claim and to mention, as a part of the release notes, that
those bugs have been fixed, refreshing this has become important.
Change-Id: I534a0dc2d9f82ab70517cde12bfd40d4f5ae69e2
Related-Bug: 1568723
Related-Bug: 1568894
By default, the config generator wraps the text in configuration files
at 70. This destroys the formatting of our help text strings.
To preserve the formatting, we wrap it at 80 just like we do for code.
Change-Id: I1a9aff4a4c7ea09a8136b3a26d9c22fb270d6226
This patch adds the Hyper-V 'vhdx' disk format to the Glance
configuration. This allows users to upload 'vhdx' images by default.
'vhdx' disks can have much larger storage capacity than the older 'vhd'
format [1]. (Plus, anything with 'x' in the name is awesome.)
DocImpact: Docs will need to be updated to indicate that the 'vhdx'
disk_format is now one of the default disk formats supported by Glance.
UpgradeImpact: Adds 'vhdx' to the default list of disk_formats. Operators
will no longer need to configure specifically to use 'vhdx' disks.
[1] https://technet.microsoft.com/en-us/library/hh831446(v=ws.11).aspx
Spec-Lite: https://review.openstack.org/#/c/347626
Change-Id: I4e172c78d7afeb8be5a0123238efe3d8e4b044c9
Now when generating the config samples of Glance, glance-api.conf,
glance-glare.conf and glance-registry.conf will include duplicated
config options for osprofiler. It's because we're collecting
osprofiler's options at two places: etc/oslo-config-generator and
glance/opts.py. So to remove the duplication and keep consistenty
with the other options format, the patch removes the collecting
from etc/oslo-config-generator.
Change-Id: I45ef0bc8453cb8894dc245b8acf390b9ee0f6bfd
From: https://review.openstack.org/#/c/309346/
"
I investigated the behaviour of the policy file when various policies
are removed.
A completely empty policy file will return a 403 Forbidden. As the user
will not match with any of the policies.
However, because glance has the policy ``default: ""``. It means that
any policy that is not explicitly stated in the the policy.json, is
by default usable by any member. I think that the ``default`` option
is a potentially bad thing to have in the policy.json file, due to the
ability to give permissions without explicitly stating it.
"
Therefore we should change ``"default": "",`` to ``"default":
"role:admin",``. To make sure that members don't inherit policies that
they shouldn't in the future. From a operators perspective it should be
more secure to have an opt-in rather than opt-out.
Change-Id: I57f9d4791126360079a941c1ff4cb2bbb86298d5
Closes-Bug: 1593177
The HTTP_X_FORWARDED_PROTO handling fails to handle the case of
redirecting the /v1 request to /v1/ because it is handled purely by
routes and does not enter the glance wsgi code. This means a https
request is redirect to http and fails.
oslo.middleware has middleware for handling the X-Forwarded-Proto header
in a standard way so that services don't have to and so we should use
that instead of our own mechanism.
Leaving the existing header handling around until removal should not be
a problem as the worst that will happen is it overwrites an existing
'https' header value set by the middleware.
Closes-Bug: #1558683
Closes-Bug: #1590608
Change-Id: I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7
Currently, the oslo config generator takes glance_store configs in
consideration while generating sample configs for the registry. Registry
doesn't really need these configs.
This patch removes the store config namespace from the oslo
config generator's setup to avoid regeneration of store section in
registry sample.
Sample configs have been regenerated using `tox -e genconfig` command to
make sure they reflect the change proposed. Only the
glance-registry.conf file has been refreshed as a part of this commit.
Closes-Bug: 1584350
Change-Id: I27c53d281dcd97a30c22a27c4833b24e1ca84f83
Starting with 1.0.0 osprofiler release options needed for
its workability are consolidated inside osprofiler itself.
Let's use them.
Change-Id: Ib0266e0a6e9bfa99c4bacbdca623ab1211a822eb
The option was used to enable experimental Artifacts API
that was moved to glance-glare service. This config option
does not do anything and is removed to avoid confusion.
Removed apropriate sections from example config files as well.
Change-Id: Ie84f3f65ec88fd30197758ac319ef5b2f4c313e2
Closes-bug: 1556050
This should be the last time reordering happening by the
configgenerator. In future we should see only actual changes but to get
there we need to do this massive change once more.
Closes-Bug: 1553330
Change-Id: Icca0a94a40ba640ca75e01b5cd0d061dacd334ff
Parameter 'use_user_token' in glance-api.conf
was considered as harmful and not acceptable
for real deployments, because if it's disabled,
it changes system behaviour and allows any regular
user to perform requests with admin credentials.
In functional tests the default value was set
to True to prevent possible failures in the future.
Besides, several admin authN parameters were
deprecated as well, because they are useless without
'use_user_token'.
All required information was added to related
documentation sections, sample config file was
updated as well.
https://wiki.openstack.org/wiki/OSSN/OSSN-0060
Change-Id: Icfef49d787fa58e2af2e60e4fdc96633c5f0c010
Related-bug: #1493448
The default values needed for glance's implementation of cors
middleware have been moved from paste.ini into the configuration
hooks provided by oslo.config. Furthermore, these values have been
added to glance's default configuration parsing. This ensures
that if a value remains unset in glance-api.conf, it will be set to use
sane defaults, and that an operator modifying the configuration
file will be presented with a default set of necessary sane headers.
Change-Id: I3c9d267b6224d6c7e5cc2c41cb51fb7e363c4955
Closes-Bug: 1551836
Adds into the Glance metadata definitions items from the Common
Information Model (CIM) schema, include setting data for processor
allocation, resource allocation, storage allocation and virtual
system, which can be associated with several OpenStack resources
to make them interoperable from a end-user specific perspective.
Implements: blueprint cim-namespace-metadata-definitions
Change-Id: If769bae8fcf1803bb2432537228f9633ad789e58
Supports import of OVA/OVF package to Glance by adding a new task to
the existing Glance import workflow. Automatically extracts single disk
image from OVA tarball and saves it to the Glance image store. It also
parses the included OVF file for interested metadata. Extracted
metadata is included as uploaded image's properties.
To kick off this flow, specify 'ova' as 'container_format' in the
task-create request. Specify interested metadata in the
'ovf-metadata.json' conf file, generally located at /etc/glance. Any
other additional metadata found in the OVF file will be ignored.
Currently this is an admin only feature and only supports upload of
single disk images. Also currently we will only be supporting extracting
properties from CIM_ProcessorAllocationSettingData.
Co-Authored-By: Jakub Jasek <jakubx.jasek@intel.com>
Co-Authored-By: Deepti Ramakrishna <deepti.ramakrishna@intel.com>
Change-Id: I4c9c9566895c2426f26d2750c8e2a23b39468fb1
Implements: blueprint ovf-lite
EXPERIMENTAL Glance v3 API has been removed in favor of standalone API
(EXPERIMENTAL Artifacts API of v0.1).
This patch introduces a new process entry point to run on a different
port (9494 by default), with its own configuration file and a paste
config.
A controller stub for old /v3 api remains in the glnace.api package for
the compatibility with existing paste configuration which may reference
it. This stub returns a 301 redirects to glare endpoint if it is present
or 410 errors otherwise.
To reuse the existing version_negotiation middleware some refactoring
has been made.
Implements blueprint: move-v3-to-glare
Change-Id: I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
The metadata definitions in etc/metadefs allow each namespace to be associated
with a resource type in OpenStack. Now that Horizon is supporting adding
metadata to instances (just got in during the mitaka cycle - so unrealeased),
I realized that we used OS::Nova::Instance instead of OS::Nova::Server in
Glance. This doesn’t align with Heat [0] or Searchlight [1].
There are a couple of metadef files that have OS::Nova::Instance that need to
change to OS::Nova::Server. I see also that OS::Nova:Instance is in one of
the db scripts. That script simply adds some initial "resource types" to the
database. [3]. It should be noted that there is no hard dependency on that
resource type to be in the DB script. You can add new resource types at any
time via API or JSON files and they are automatically added.
I'm not sure if the change to the db script needs to be done in a different
patch or not, but that can easily be accommodated.
See bug for additional links.
Change-Id: I196ce1d9a62a61027ccd444b17a30b2c018d9c84
Closes-Bug: 1537903
One of the goals of this spec is to improve the image import process and
allow for other background operations to be executed when the image data
is added. This supersedes the need of the task endpoint that we'll
slowly deprecate. As part of this spec, we should make it admin only and
warn deployers that this API is going to be deprecated.
MitakaPriority
DocImpact: Tasks API is now admin only. Deployments depending on this
API need to make sure they make it accessible for non-admins.
Closes-bug: #1527716
Partially-blueprint: image-import-refactor
Change-Id: I28cb69ea730ae58b9aed1dd43b68305dbbf132c1
https://review.openstack.org/#/c/68421/ added support for
storage_policy in flavor extra_specs. This patch adds missing property
in glance metadef for VMware driver options for flavors.
Change-Id: I2f42e51676701d1427a62d5765141e4e586f52f1
There are several metadata definitions for software that are
associated with Nova instances (OS::Nova::Instance) which should
have their properties target set to "metadata".
The ability to add metadata to an instance leveraging these
definitions at launch time was recently added to horizon. In
a follow up discussion, somebody asked about using the metadata
definitions to also choose nova scheduler hints at launch time,
without confusing the two intended purposes of the metadata.
This raised our awareness that we don't have properties_target
set to "metadata" (rather than "scheduler hints") for
OS::Nova::Instance on the software metadata definition files.
This patch adds "properties_target": "metadata" to those files.
Change-Id: I247226ad78762d1d2add3bb39b1e780b93f36370
Closes-Bug: 1536849
