From ee7e96f06af741bb34bedac18fa2c4616fcc3905 Mon Sep 17 00:00:00 2001 From: Rajat Dhasmana Date: Wed, 24 Jul 2024 07:31:46 +0000 Subject: [PATCH] Do not set_acls if store is not associated to glance node In case of glance multiple stores (mostly for ceph) nova initiates copy-image functionality if image, from which the sever is being created, is not present in the referring ceph store. This can fail if image location which is already present in image but not available for that glance edge node. This scenario can only be reproducible with EDGE deployment. In order to fix this, if the store is defined on that glance node then only call set_acls method, else ignore it. Closes-Bug: #2073945 Change-Id: I0409982ae27b662e60dd2363ba2f7863d0722fea --- glance/location.py | 26 +++++++++++++++++-- .../notes/fix-set-acls-bc17b5e125425c9b.yaml | 7 +++++ 2 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml diff --git a/glance/location.py b/glance/location.py index cf05fcdb2d..60120717d8 100644 --- a/glance/location.py +++ b/glance/location.py @@ -63,8 +63,19 @@ class ImageRepoProxy(glance.domain.proxy.Repo): member_ids = [m.member_id for m in member_repo.list()] for location in image.locations: if CONF.enabled_backends: + # NOTE(whoami-rajat): Do not set_acls if store is not defined + # on this node. This is possible in case of edge deployment + # that image location is present but the actual store is + # not related to this node. + image_store = location['metadata'].get('store') + if image_store not in CONF.enabled_backends: + msg = (_("Store %s is not available on " + "this node, skipping `_set_acls` " + "call.") % image_store) + LOG.debug(msg) + continue self.store_api.set_acls_for_multi_store( - location['url'], location['metadata'].get('store'), + location['url'], image_store, public=public, read_tenants=member_ids, context=self.context ) @@ -655,8 +666,19 @@ class ImageMemberRepoProxy(glance.domain.proxy.Repo): member_ids = [m.member_id for m in self.repo.list()] for location in self.image.locations: if CONF.enabled_backends: + # NOTE(whoami-rajat): Do not set_acls if store is not + # defined on this node. This is possible in case of edge + # deployment that image location is present but the actual + # store is not related to this node. + image_store = location['metadata'].get('store') + if image_store not in CONF.enabled_backends: + msg = (_("Store %s is not available on " + "this node, skipping `_set_acls` " + "call.") % image_store) + LOG.debug(msg) + continue self.store_api.set_acls_for_multi_store( - location['url'], location['metadata'].get('store'), + location['url'], image_store, public=public, read_tenants=member_ids, context=self.context ) diff --git a/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml b/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml new file mode 100644 index 0000000000..15526cb9a7 --- /dev/null +++ b/releasenotes/notes/fix-set-acls-bc17b5e125425c9b.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + `Bug #2073945 `_: + Fixed issue with VM creation in DCN cases with RBD backend where + an edge node doesn't have the store defined which is part of the + image locations and the operation fails.