Change docs to use non-public images by default

In Juno, the ability to make public images will be admin-only by
default. This patch changes areas of the documentation that
aren't explicitly known to be working with admin-level credentials
to use is-public=False in their image uploads. This encourages good
security practice, and will hopefully avoid bug reports from users
who don't have access trying to make public images.

Change-Id: I8ca05c7507e1e63d39c927388f95fc584dfbe34d
Partial-Bug: 1328302
This commit is contained in:
Tom Fifield 2014-06-25 13:44:29 +08:00
parent 4632d73c7d
commit 1340e65e5d
5 changed files with 12 additions and 11 deletions

View File

@ -222,7 +222,8 @@
<para><parameter>--is-public [True|False]</parameter></para> <para><parameter>--is-public [True|False]</parameter></para>
</td> </td>
<td> <td>
<para>Makes an image accessible for all the tenants.</para> <para>Makes an image accessible for all the tenants
(admin-only by default).</para>
</td> </td>
</tr> </tr>
<tr> <tr>

View File

@ -335,7 +335,7 @@ connection=mysql://nova:passwd@<replaceable>IP_ADDRESS</replaceable>/nova</progr
>http://technet.microsoft.com/en-us/library/cc772480.aspx</link></para> >http://technet.microsoft.com/en-us/library/cc772480.aspx</link></para>
<para>Once you have successfully created a virtual machine, you can then upload the image to <para>Once you have successfully created a virtual machine, you can then upload the image to
glance using the native glance-client:</para> glance using the native glance-client:</para>
<screen><prompt>C:\></prompt><userinput>glance image-create --name="<replaceable>VM_IMAGE_NAME</replaceable>" --is-public=true --container-format=bare --disk-format=vhd</userinput></screen> <screen><prompt>C:\></prompt><userinput>glance image-create --name="<replaceable>VM_IMAGE_NAME</replaceable>" --is-public=False --container-format=bare --disk-format=vhd</userinput></screen>
</section> </section>
<section xml:id="running_compute-with-hyper-v"> <section xml:id="running_compute-with-hyper-v">
<title>Run Compute with Hyper-V</title> <title>Run Compute with Hyper-V</title>

View File

@ -675,7 +675,7 @@ datastore_regex=&lt;optional datastore regex&gt;</programlisting>
setting <option>vmware_disktype</option> to setting <option>vmware_disktype</option> to
<literal>sparse</literal>:</para> <literal>sparse</literal>:</para>
<screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-sparse" --disk_format=vmdk \ <screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-sparse" --disk_format=vmdk \
--container_format=bare --is_public=true \ --container_format=bare \
--property vmware_disktype="sparse" \ --property vmware_disktype="sparse" \
--property vmware_ostype="ubuntu64Guest" &lt; ubuntuLTS-sparse.vmdk</userinput></screen> --property vmware_ostype="ubuntu64Guest" &lt; ubuntuLTS-sparse.vmdk</userinput></screen>
<note><para>Specifying <literal>thin</literal> does not <note><para>Specifying <literal>thin</literal> does not
@ -699,7 +699,7 @@ datastore_regex=&lt;optional datastore regex&gt;</programlisting>
example of the Precise Ubuntu image after the example of the Precise Ubuntu image after the
<code>qemu-img</code> conversion, the command to upload the <code>qemu-img</code> conversion, the command to upload the
VMDK disk should be something like:</para> VMDK disk should be something like:</para>
<screen><prompt>$</prompt> <userinput>glance image-create --name precise-cloud --is-public=True \ <screen><prompt>$</prompt> <userinput>glance image-create --name precise-cloud --is-public=False \
--container-format=bare --disk-format=vmdk \ --container-format=bare --disk-format=vmdk \
--property vmware_disktype="sparse" \ --property vmware_disktype="sparse" \
--property vmware_adaptertype="ide" &lt; \ --property vmware_adaptertype="ide" &lt; \
@ -718,7 +718,7 @@ precise-server-cloudimg-amd64-disk1.vmdk</userinput></screen>
adapter type, the following command uploads the VMDK adapter type, the following command uploads the VMDK
disk:</para> disk:</para>
<screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-thick-scsi" --disk_format=vmdk \ <screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-thick-scsi" --disk_format=vmdk \
--container_format=bare --is_public=true \ --container_format=bare \
--property vmware_adaptertype="lsiLogic" \ --property vmware_adaptertype="lsiLogic" \
--property vmware_disktype="preallocated" \ --property vmware_disktype="preallocated" \
--property vmware_ostype="ubuntu64Guest" &lt; ubuntuLTS-flat.vmdk</userinput></screen> --property vmware_ostype="ubuntu64Guest" &lt; ubuntuLTS-flat.vmdk</userinput></screen>
@ -741,7 +741,7 @@ precise-server-cloudimg-amd64-disk1.vmdk</userinput></screen>
type to <literal>vmware</literal>. Other valid hypervisor type to <literal>vmware</literal>. Other valid hypervisor
types include: xen, qemu, kvm, lxc, uml, and hyperv.</para> types include: xen, qemu, kvm, lxc, uml, and hyperv.</para>
<screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-thick-scsi" --disk_format=vmdk \ <screen><prompt>$</prompt> <userinput>glance image-create --name="ubuntu-thick-scsi" --disk_format=vmdk \
--container_format=bare --is_public=true \ --container_format=bare \
--property vmware_adaptertype="lsiLogic" \ --property vmware_adaptertype="lsiLogic" \
--property vmware_disktype="preallocated" \ --property vmware_disktype="preallocated" \
--property hypervisor_type="vmware" \ --property hypervisor_type="vmware" \

View File

@ -99,7 +99,7 @@
<td>Kernel image</td> <td>Kernel image</td>
<td> <td>
<screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-threepart-kernel" \ <screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-threepart-kernel" \
--disk-format aki --container-format aki --is-public True \ --disk-format aki --container-format aki --is-public False \
--file ~/images/cirros-0.3.1~pre4-x86_64-vmlinuz</userinput></screen> --file ~/images/cirros-0.3.1~pre4-x86_64-vmlinuz</userinput></screen>
</td> </td>
</tr> </tr>
@ -107,7 +107,7 @@
<td>RAM image</td> <td>RAM image</td>
<td> <td>
<screen><prompt>$</prompt> <userinput>glance image-create -—name "cirros-threepart-ramdisk" \ <screen><prompt>$</prompt> <userinput>glance image-create -—name "cirros-threepart-ramdisk" \
--disk-format ari --container-format ari --is-public True \ --disk-format ari --container-format ari --is-public False \
--file ~/images/cirros-0.3.1~pre4-x86_64-initrd</userinput></screen> --file ~/images/cirros-0.3.1~pre4-x86_64-initrd</userinput></screen>
</td> </td>
</tr> </tr>
@ -115,7 +115,7 @@
<td>Three-part image</td> <td>Three-part image</td>
<td> <td>
<screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-threepart" --disk-format ami \ <screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-threepart" --disk-format ami \
--container-format ami --is-public True \ --container-format ami --is-public False \
--property kernel_id=$KID—property ramdisk_id=$RID \ --property kernel_id=$KID—property ramdisk_id=$RID \
--file ~/images/cirros-0.3.1~pre4-x86_64-blank.img</userinput></screen> --file ~/images/cirros-0.3.1~pre4-x86_64-blank.img</userinput></screen>
</td> </td>
@ -124,7 +124,7 @@
<td>Register raw image</td> <td>Register raw image</td>
<td> <td>
<screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-qcow2" --disk-format qcow2 \ <screen><prompt>$</prompt> <userinput>glance image-create --name "cirros-qcow2" --disk-format qcow2 \
--container-format bare --is-public True \ --container-format bare --is-public False \
--file ~/images/cirros-0.3.1~pre4-x86_64-disk.img</userinput></screen> --file ~/images/cirros-0.3.1~pre4-x86_64-disk.img</userinput></screen>
</td> </td>
</tr> </tr>

View File

@ -106,7 +106,7 @@ image = nova.images.find(name=name)</programlisting>
imagefile = "/tmp/myimage.img" imagefile = "/tmp/myimage.img"
glance = glclient.Client(...) glance = glclient.Client(...)
with open(imagefile) as fimage: with open(imagefile) as fimage:
glance.images.create(name="myimage", is_public=True, disk_format="qcow2", glance.images.create(name="myimage", is_public=False, disk_format="qcow2",
container_format="bare", data=fimage)</programlisting> container_format="bare", data=fimage)</programlisting>
</section> </section>
</section> </section>