diff --git a/nova/api/openstack/compute/servers.py b/nova/api/openstack/compute/servers.py index 300b2b4485aa..42308af93123 100644 --- a/nova/api/openstack/compute/servers.py +++ b/nova/api/openstack/compute/servers.py @@ -736,6 +736,7 @@ class ServersController(wsgi.Controller): except (exception.ImageNotActive, exception.ImageBadRequest, exception.ImageNotAuthorized, + exception.ImageUnacceptable, exception.FixedIpNotFoundForAddress, exception.FlavorNotFound, exception.FlavorDiskTooSmall, diff --git a/nova/compute/api.py b/nova/compute/api.py index ff64ea5a8bc9..37457c4f34da 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -576,6 +576,31 @@ class API(base.Base): self._validate_flavor_image_nostatus(context, image, instance_type, root_bdm, validate_numa) + @staticmethod + def _detect_nonbootable_image_from_properties(image_id, image): + """Check image for a property indicating it's nonbootable. + + This is called from the API service to ensure that there are + no known image properties indicating that this image is of a + type that we do not support booting from. + + Currently the only such property is 'cinder_encryption_key_id'. + + :param image_id: UUID of the image + :param image: a dict representation of the image including properties + :raises: ImageUnacceptable if the image properties indicate + that booting this image is not supported + """ + if not image: + return + + image_properties = image.get('properties', {}) + if image_properties.get('cinder_encryption_key_id'): + reason = _('Direct booting of an image uploaded from an ' + 'encrypted volume is unsupported.') + raise exception.ImageUnacceptable(image_id=image_id, + reason=reason) + @staticmethod def _validate_flavor_image_nostatus(context, image, instance_type, root_bdm, validate_numa=True, @@ -876,6 +901,7 @@ class API(base.Base): validate_numa=True): self._check_metadata_properties_quota(context, metadata) self._check_injected_file_quota(context, files_to_inject) + self._detect_nonbootable_image_from_properties(image_id, image) self._validate_flavor_image(context, image_id, image, instance_type, root_bdm, validate_numa=validate_numa) diff --git a/nova/tests/unit/api/openstack/compute/test_serversV21.py b/nova/tests/unit/api/openstack/compute/test_serversV21.py index 6980676b585c..80af96ebb6d0 100644 --- a/nova/tests/unit/api/openstack/compute/test_serversV21.py +++ b/nova/tests/unit/api/openstack/compute/test_serversV21.py @@ -4317,6 +4317,22 @@ class ServersControllerCreateTest(test.TestCase): "Flavor's disk is too small for requested image."): self.controller.create(self.req, body=self.body) + @mock.patch.object(fake._FakeImageService, 'show', + return_value=dict( + id='76fa36fc-c930-4bf3-8c8a-ea2a2420deb6', + status='active', + properties=dict( + cinder_encryption_key_id=fakes.FAKE_UUID))) + def test_create_server_image_nonbootable(self, mock_show): + self.req.body = jsonutils.dump_as_bytes(self.body) + + expected_msg = ("Image {} is unacceptable: Direct booting of an image " + "uploaded from an encrypted volume is unsupported.") + with testtools.ExpectedException( + webob.exc.HTTPBadRequest, + expected_msg.format(self.image_uuid)): + self.controller.create(self.req, body=self.body) + def test_create_instance_with_image_non_uuid(self): self.body['server']['imageRef'] = 'not-uuid' self.assertRaises(exception.ValidationError, diff --git a/releasenotes/notes/cinder-detect-nonbootable-image-6fad7f865b45f879.yaml b/releasenotes/notes/cinder-detect-nonbootable-image-6fad7f865b45f879.yaml new file mode 100644 index 000000000000..0746df58f274 --- /dev/null +++ b/releasenotes/notes/cinder-detect-nonbootable-image-6fad7f865b45f879.yaml @@ -0,0 +1,9 @@ +--- +fixes: + - | + The Compute service has never supported direct booting of an instance from + an image that was created by the Block Storage service from an encrypted + volume. Previously, this operation would result in an ACTIVE instance that + was unusable. Beginning with this release, an attempt to boot from such an + image will result in the Compute API returning a 400 (Bad Request) + response.