Merge "Update SPEC: Using PUT instead of PATCH API to update delete_on_termination"
This commit is contained in:
commit
1d8709a091
@ -4,19 +4,20 @@
|
||||
|
||||
http://creativecommons.org/licenses/by/3.0/legalcode
|
||||
|
||||
=====================================================
|
||||
Support re-configure deleted_on_termination in server
|
||||
=====================================================
|
||||
====================================================
|
||||
Support re-configure delete_on_termination in server
|
||||
====================================================
|
||||
|
||||
https://blueprints.launchpad.net/nova/+spec/destroy-instance-with-datavolume
|
||||
|
||||
This blueprint proposes to allow changing the ``deleted_on_termination``
|
||||
attribute of a volume after an instance is booted.
|
||||
This blueprint proposes to allow changing the ``delete_on_termination``
|
||||
attribute of a volume after an instance is booted, or set the new volume's
|
||||
``delete_on_termination`` during swap volume.
|
||||
|
||||
Problem description
|
||||
===================
|
||||
|
||||
Currently, nova support configuring ``deleted_on_termination`` for the root
|
||||
Currently, nova supports configuring ``delete_on_termination`` for the root
|
||||
disk and data volume (refrerence to the volume attach API [1]_.) when the
|
||||
instance is created, but does not allow it to be updated after the instance
|
||||
is created.
|
||||
@ -34,6 +35,9 @@ to be able to alter the ``delete_on_termination`` property to either
|
||||
preserve important data while freeing compute resources or freeing
|
||||
storage space and cleaning up sensitive data.
|
||||
|
||||
As an admin user, I expect that I can set ``delete_on_termination``
|
||||
during swap volume.
|
||||
|
||||
The end user expects to be able to decide the policy by which the volumes
|
||||
are preserved or destoryed at any point in the vms lifecyle.
|
||||
|
||||
@ -42,9 +46,22 @@ Proposed change
|
||||
|
||||
Add a new microversion to the Servers with volume attachments model,
|
||||
to support configuring whether to delete the attached volume when the
|
||||
instance is destroyed. Add ``deleted_on_termination`` property to the
|
||||
instance is destroyed. Add ``delete_on_termination`` property to the
|
||||
request body. The ``volume_id`` parameter in the url is the volume that
|
||||
will be set to ``deleted_on_termination``.
|
||||
will be set to ``delete_on_termination``.
|
||||
|
||||
Change swap volume policy's rule name to
|
||||
``os_compute_api:os-volumes-attachments:swap``, and make the original
|
||||
policy's rule name (``os_compute_api:os-volumes-attachments:update``)
|
||||
allow the update a volume atachment API.
|
||||
|
||||
Add 'rule:system_admin_or_owner' policy to the update volume API.
|
||||
|
||||
After this change, the update volume attachment API will have two policies,
|
||||
one for general updates (currently only ``delete_on_termination``) and one
|
||||
for admins which allows changing the volume id (i.e. swap volume) as well
|
||||
as other attributes. In other words, the swap policy is a superset of the
|
||||
update policy.
|
||||
|
||||
Alternatives
|
||||
------------
|
||||
@ -58,16 +75,10 @@ If you boot from volume where nova creates the root volume and
|
||||
to preserve the root volume after the server is deleted, you can create a
|
||||
snapshot of the server.
|
||||
|
||||
Another option is change the exist PUT update a volume attachment API, add
|
||||
``delete_on_termination`` property to the request body, and should make
|
||||
the ``volumeId`` is optional in the request body. This API is typically meant
|
||||
to only be used as part of a larger orchestrated volume migration operation
|
||||
initiated in the block storage service via the ``os-retype`` or
|
||||
``os-migrate_volume`` volume actions.
|
||||
|
||||
If we change this API, the current ``PUT`` API will become extremely
|
||||
complicated and difficult to use. In addition, the default policy is
|
||||
administrative role, which is not applicable to the current use case.
|
||||
Another option is add a PATCH volume attachment API, allowing a
|
||||
``delete_on_termination`` property in the request body to support updating
|
||||
the attached volume, but that will break the nova API and introduce a new
|
||||
PATCH method.
|
||||
|
||||
Data model impact
|
||||
-----------------
|
||||
@ -81,27 +92,27 @@ Configure ``delete_on_termination`` for the volume attached to the instance.
|
||||
|
||||
URL: /servers/{server_id}/os-volume_attachments/{volume_id}
|
||||
|
||||
* Request method: PATCH (Patch volume attachment)
|
||||
* Request method: PUT (Update a volume attachment)
|
||||
|
||||
Add the ``delete_on_termination`` parameter to the request body.
|
||||
|
||||
* Patch volume attachment API's request body:
|
||||
* Update a volume attachment API's request body:
|
||||
|
||||
.. code-block:: json
|
||||
|
||||
{
|
||||
"volumeAttachment": {
|
||||
"volumeId": "a07f71dc-8151-4e7d-a0cc-cd24a3f11113",
|
||||
"delete_on_termination": true
|
||||
}
|
||||
}
|
||||
|
||||
The ``delete_on_termination`` in the request body is required:
|
||||
Other than ``volumeId``, as of the new microversion only
|
||||
``delete_on_termination`` may be changed from the current value. Otherwise,
|
||||
that will be return 400.
|
||||
|
||||
- It will return 400 if ``volume_id`` in the path and/or
|
||||
``delete_on_termination`` in the request body are not specified.
|
||||
|
||||
Allow admin or owner role to perform this operation and add
|
||||
'rule: system_admin_or_owner' policy.
|
||||
Add 'rule:system_admin_or_owner' policy role to the
|
||||
update a volume attachment API.
|
||||
|
||||
Security impact
|
||||
---------------
|
||||
@ -116,9 +127,8 @@ None
|
||||
Other end user impact
|
||||
---------------------
|
||||
|
||||
python-novaclient will add support for this ``PATCH`` API,
|
||||
to support setting ``delete_on_termination`` parameter to
|
||||
an attached volume.
|
||||
python-novaclient will be updated to support changing
|
||||
the ``delete_on_termination`` flag.
|
||||
|
||||
Performance Impact
|
||||
------------------
|
||||
@ -138,8 +148,7 @@ None
|
||||
Upgrade impact
|
||||
--------------
|
||||
|
||||
During a rolling upgrade if this PATCH update volume attachment API
|
||||
is call, the request will be reject until all hosts are upgraded.
|
||||
None
|
||||
|
||||
Implementation
|
||||
==============
|
||||
@ -159,9 +168,11 @@ Feature liaison:
|
||||
Work Items
|
||||
----------
|
||||
|
||||
* Add patch volume attachment support in nova API.
|
||||
* Add microversion support.
|
||||
* Add patch volume attachment API support in python-novaclient.
|
||||
* Add a new microversion which enables code that allows updating
|
||||
``delete_on_termination`` during a PUT request.
|
||||
* Change the original policy role name for update a volume attachment API.
|
||||
* Add new policy to the update a volume attachment API.
|
||||
* Change python-novaclient to support this microversion.
|
||||
* Add related tests.
|
||||
|
||||
Dependencies
|
||||
@ -173,7 +184,7 @@ Testing
|
||||
=======
|
||||
|
||||
* Add related unit tests for negative scenarios such as trying to call
|
||||
patch volume attachment API to update an attached volume with an older
|
||||
update a volume attachment API to update an attached volume with an older
|
||||
microversion, passing ``delete_on_termination`` with an invalid value
|
||||
like null, etc.
|
||||
* Add related functional tests for normal scenarions, e.g. API samples.
|
||||
@ -184,7 +195,7 @@ with the CinderFixture should be sufficient for testing this feature.
|
||||
Documentation Impact
|
||||
====================
|
||||
|
||||
Add docs description about this patch volume attachment API.
|
||||
Add docs description about this microversion.
|
||||
|
||||
References
|
||||
==========
|
||||
@ -201,10 +212,6 @@ For the disscussion of this feature at the Forum in Shanghai:
|
||||
|
||||
.. [1] http://specs.openstack.org/openstack/nova-specs/specs/train/approved/support-delete-on-termination-in-server-attach-volume.html
|
||||
|
||||
.. _PATCH how to works: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PATCH
|
||||
|
||||
PoC code: https://review.opendev.org/#/c/693828/
|
||||
|
||||
History
|
||||
=======
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user