414 Commits

Author SHA1 Message Date
DamonLi
c1a845d553 Add the list of hw_version supported by vmware driver.
This patch add the list of hw_version supported by vmware driver.
The corresponding relationships are as following:
vmx-13: ESXi6.5
vmx-11: ESXi6.0
vmx-10: ESXi5.5
vmx-09: ESXi5.1
vmx-08: ESXi5.0
vmx-07: ESXi/ESX4.x
vmx-04: ESX3.x
vmx-03: ESX2.x

Change-Id: I1796b461855081f758b0585c9a0165c5138669d5
2017-12-06 09:44:03 +08:00
Jesse Pretorius
e078c7e3b2 Correct related section for enable_image_import
The documentation references the section DEFUALT
instead of DEFAULT. As this is most likely a
spelling error which will cause confusion, it is
better if we fix it.

This patch corrects the config option information
and includes an updated set of sample config files
generated from the current code including the fix.

Change-Id: If3c5e334aa1fa2ff5a28f52c00330d42cb9bcf9d
2017-11-17 18:33:45 +00:00
Brian Rosmaita
b90ad2524f Add 'tasks_api_access' policy
The Tasks API was made admin-only in Mitaka to prevent it from being
exposed directly to end users.  The interoperable image import
process introduced in Pike uses the tasks engine to perform the
import.  This patch introduces a new policy, 'tasks_api_access',
that determines whether a user can make Tasks API calls.

The currently existing task-related policies are retained so that
operators can have fine-grained control over tasks.  With this
new policy, operators can restrict Tasks API access to admins,
while at the same time, admin-level credentials are not required
for glance to perform task-related functions on behalf of users.

Change-Id: I3f66f7efa7c377d999a88457fc6492701a894f34
Closes-bug: #1711468
2017-08-18 00:46:34 -04:00
Rui Yuan Dou
8886dcd114 Update invalid path and link for Image Properties
Change-Id: I67e84be3ceb4b6810f8b7c39d953b36c04641afb
2017-08-16 09:07:51 +08:00
Brian Rosmaita
3ce6c58a33 Refresh config files for Pike RC-1
Regenerated the configuration files before branching.

Change-Id: I262b00b663a6eea2b310b6dc46bb220ed7a1349d
2017-08-10 12:11:33 -04:00
Jenkins
5565542d6e Merge "Update the documention for doc migration" 2017-08-02 23:30:00 +00:00
lingyongxu
7c1764b85d Update the documention for doc migration
This patch is proposed according to the Direction 10 of doc
migration(https://etherpad.openstack.org/p/doc-migration-tracking).

Change-Id: I71ced5bd5a0979acf21a60c6157b0af98f061f20
2017-08-02 07:22:46 +00:00
Cyril Roelandt
01fa437b94 Add a default rootwrap.conf file.
This file is needed when using the Cinder backend driver; it enables it to
operate properly.

Change-Id: I174ce58166cdf585e88f2f48e45c6c96bb781251
Co-authored-by: Mike Abrams <mabrams@redhat.com>
2017-07-27 18:48:54 +02:00
Jenkins
1c2612eed5 Merge "Update vmware metadef with ESX 6.5 supported OSes" 2017-06-23 20:19:09 +00:00
Jenkins
49577ac71c Merge "Fix broken link to the "Image service property keys" doc" 2017-06-22 17:25:49 +00:00
Christian Berendt
a625e4e14b Fix broken link to the "Image service property keys" doc
Change-Id: I045d72ae2822717f7125c5116d804fdb66e1a097
2017-06-19 12:04:33 +02:00
Daniel Pawlik
295908281e Add hide hypervisor id on guest host
Image hide_hypervisor_id property helps libvirt set in xml instance file
property, which will hide on guest host KVM hypervisor signature
("KVMKVMKVM\0\0\0").
According to the commit message in QEMU repository [1]:

"The latest Nvidia driver (337.88) specifically checks
for KVM as the hypervisor and reports Code 43 for the
driver  in a Windows guest when found.  Removing or
changing the KVM signature is sufficient for the driver
to load and work."

[1]: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=f522d2a

DocImpact

Implements: blueprint add-kvm-hidden-feature
Change-Id: I825c5c2a8ba3b9f5eccd9800870b6307d201614c
2017-05-24 16:50:17 +02:00
Eric Brown
b505ede170 Update vmware metadef with ESX 6.5 supported OSes
The newly released version of ESX 6.5 supports a few new operating
systems for the guest OS.

Here are the contents of /usr/lib/vmware/hostd/vimLocale/en/gos.vmsg
from an ESX 6.5 host:
http://paste.openstack.org/show/593194/

Change-Id: I2ff9053e3410c7b11b8d52eb5736412781eeb492
2017-03-21 19:56:00 -07:00
Javier Pena
ce92edafd2 Remove glare leftovers from setup.cfg
I3026ca6287a65ab5287bf3843f2a9d756ce15139 removed Glare from the Glance
codebase, but left some lines in setup.cfg.

This patch removes the remnant of the references in the code tree.

Co-Authored-By: Javier Pena <jpena@redhat.com>
Co-Authored-By: Nikhil Komawar <nik.komawar@gmail.com>

Depends-on: I02bfe805c419fcc49ac43b66f4f7b1a0d1d54755
Change-Id: Ia3652eb0dede3614cc4ea880f8ddc06c95740797
2017-03-04 15:59:29 +00:00
Brian Rosmaita
4b8026714f Glare-ectomy
Glare became a separate project during Newton.  The code was copied
out of the Glance tree, but remained in the Glance repository.  It
is no longer being maintained, and that has begun to cause some
problems, for example, blocking a recent stevedore upper constraints
change; see I141b17f9dd2acebe2b23f8fc93206e23bc70b568

This patch removes the Glare code from the Glance repository.  It
includes Alembic database migration scripts, in both the all-in-one
and E-M-C format.  It also includes release notes.

Implements: blueprint glare-ectomy
Change-Id: I3026ca6287a65ab5287bf3843f2a9d756ce15139
2017-03-01 21:46:52 +00:00
Brian Rosmaita
f7adc0f22c Refresh config files for Ocata RC-1
Regenerated the config files before branching.

Change-Id: I0fee0f4604997ccb388dd8e25dee9d388fe21f14
2017-02-02 23:40:19 +00:00
Jenkins
b7c627ef68 Merge "Implement and Enable Community Images" 2017-01-19 18:24:08 +00:00
Timothy Symanczyk
265659e8c3 Implement and Enable Community Images
This change replaces the existing boolean 'is_public' column for
the 'images' table with enum 'visibility' column featuring the
four explicit visibility values - public, private, shared,
and community.

This change also implements and enables all backend code to
utilize the new values.

Co-Authored-By: Timothy Symanczyk <timothy_symanczyk@symantec.com>
Co-Authored-By: Dharini Chandrasekar <dharini.chandrasekar@intel.com>

Implements: blueprint community-level-v2-image-sharing
Closes-Bug: #1394299
Closes-Bug: #1452443
Depends-On: I6e3268f3712cbc0aadb51d204c694023b92d55a5
Change-Id: I94bc7708b291ce37319539e27b3e88c9a17e1a9f
2017-01-18 17:56:12 +00:00
Maxim Nestratov
ab7152ea28 Add ploop to supported disk_formats
Lite-Spec-Id:Ib45de5ff2fe7fc4e1c2d6f8cb6772e017ef891c2
Change-Id: Ice74c4bf9ed2efae519930f33b2fa2b3c162e8c4
2016-12-22 21:14:14 +03:00
Jenkins
075015fae6 Merge "Add libvirt image metadef for hw_pointer_model" 2016-12-22 00:17:12 +00:00
Jenkins
cd68ad1ded Merge "Expand hypervisor_type meta data with Virtuozzo hypervisor" 2016-12-21 21:50:56 +00:00
Ian Cordasco
c3baf74f26 Update sample config files for Ocata-3
In preparation for the last Ocata beta milestone, let's update our
configuration files. This will also allow for other folks who are
updating config files to create much smaller diffs.

Change-Id: Id644879bb9e93a291c7935eaeacf664bbf46efc2
2016-12-21 07:04:03 -06:00
Maxim Nestratov
cac2fc67ec Expand hypervisor_type meta data with Virtuozzo hypervisor
Virtuozzo hypervisor reports itself as 'vz' hypervisor, and it
was supported as libvirt virt type since Kilo. Let's expand
image metadata so that it will possible to filter out compute nodes,
which don't support images requiring hypervisor_type=vz

Lite-Spec-Id: I6ba0fcf670aecddde95cfdc6850cdb751dec2058

Change-Id: I51afacf83655107a6c4e4c226623fa360bdafca2
2016-12-20 09:53:44 +03:00
Matt Riedemann
fca18a344c Add libvirt image metadef for hw_pointer_model
Nova has supported this image property for awhile so let's
document it in the glance metadef registry.

DocImpact: Need to update 'Image service property keys' doc
in the CLI reference:

  http://docs.openstack.org/cli-reference/glance-property-keys.html

Change-Id: I7c77fb13f20b59ad764070d14dc98a46f8b7c823
2016-10-13 14:37:48 -04:00
Jenkins
48ee8ef479 Merge "Keep consistent order for regenerated configs" 2016-09-13 20:28:53 +00:00
venkatamahesh
25b492c019 Fix a small markup typo
This typo throws error while generating tables in config-reference
of openstack-manuals

Change-Id: If0be47225fbe8c59f7e0679dbced361fda5a960e
2016-09-03 17:48:50 +05:30
Nikhil Komawar
80006b43a7 Keep consistent order for regenerated configs
There's a bug in glance_store ( bug 1619487 ) that results in a
reordering of the store related configurations everytime the tool to
autogenerate configs is used.

This commit generates the Newton config in the deterministic way by
using the suggested solution described on the bug.

For more information and background discussions see change
Iea2c538b37182191445cc5c1f8b2d9dceed06343

Related-Change: I3146b8597a5d89da49b84d6653edacc3067c2c71

Change-Id: Idbea98865ccfc14563ab4357764383e1e7021542
2016-09-01 23:50:19 +00:00
Nikhil Komawar
11cfe49b8f Regenerate config files for Newton
During the release many config options are changed or updated. The
sample config files provided in tree (under etc/*) need to be updated
using the autogeneration tool as these files are being used in different
places. Some examples are devstack gates, downstream packagers shipping
with the same (or using defaults from these files), etc.

Hence, before we cut a release we need to refresh the config files
shipped with tree to match the changes done in the source code during
the release cycle.

This commit is intended to refresh the entire set of config files for
Newton. They include:

    * glance api and registry related configs
    * scrubber, cache and manage utilities' configs
    * any other configs coming from downstream like oslo libraries,
      glance_store, etc.
    * belonging to affiliated code base like glare.

Change-Id: Iea2c538b37182191445cc5c1f8b2d9dceed06343
Co-Authored-By: Nikhil Komawar <nik.komawar@gmail.com>
Co-Authored-By: Hemanth Makkapati <hemanth.makkapati@rackspace.com>
2016-09-01 14:02:37 -04:00
Jenkins
a3ef4b466a Merge "Wrap text in sample configuration files at 80" 2016-08-30 15:01:10 +00:00
Stephen Finucane
411418b044 Add CPU thread pinning to metadata defs
CPU pinning policy is defined, but CPU thread pinning policy is not.
Resolve this.

UpgradeImpact
Change-Id: Ie3027a9ee92ac272b6c9a07926aa529d72187d00
Closes-bug: #1612341
2016-08-17 16:45:39 +01:00
Nikhil Komawar
b5f31eef57 Refresh some config files based on bug fixes
Change IDs I123be151fdda8037e62ba21600e63c45fdc90c8d and
Ie332236d6e11e0cb63114bc1c68c3a8691f1f1ae fix adding some missing config
options to be included as a part of the sample configs. We need to
refresh the configs to include those to be part of the latest sample
set. This commit refreshes some of the config for that purpose.

This change has been inspired while writing release notes here
If0b8b731c2a1a1c41fc612d506c350073d832efa . It was observed that the
bugs mentioned missing config opts in the sample files and have been
marked fixed. However, in order to make the release notes consistent
with that claim and to mention, as a part of the release notes, that
those bugs have been fixed, refreshing this has become important.

Change-Id: I534a0dc2d9f82ab70517cde12bfd40d4f5ae69e2
Related-Bug: 1568723
Related-Bug: 1568894
2016-08-02 18:32:00 -04:00
Hemanth Makkapati
45003b0209 Wrap text in sample configuration files at 80
By default, the config generator wraps the text in configuration files
at 70. This destroys the formatting of our help text strings.
To preserve the formatting, we wrap it at 80 just like we do for code.

Change-Id: I1a9aff4a4c7ea09a8136b3a26d9c22fb270d6226
2016-08-02 13:58:53 +00:00
Stuart McLaren
fc0b47beb6 Add 'vhdx' disk format.
This patch adds the Hyper-V 'vhdx' disk format to the Glance
configuration. This allows users to upload 'vhdx' images by default.

'vhdx' disks can have much larger storage capacity than the older 'vhd'
format [1].  (Plus, anything with 'x' in the name is awesome.)

DocImpact: Docs will need to be updated to indicate that the 'vhdx'
disk_format is now one of the default disk formats supported by Glance.

UpgradeImpact: Adds 'vhdx' to the default list of disk_formats.  Operators
will no longer need to configure specifically to use 'vhdx' disks.

[1] https://technet.microsoft.com/en-us/library/hh831446(v=ws.11).aspx

Spec-Lite: https://review.openstack.org/#/c/347626
Change-Id: I4e172c78d7afeb8be5a0123238efe3d8e4b044c9
2016-07-28 16:34:00 +00:00
Jenkins
3706d23c2c Merge "Add image signature verification metadefs" 2016-07-08 23:55:13 +00:00
Jenkins
5f8fc5f86a Merge "Fix duplicated osprofile config for registry" 2016-07-06 14:26:01 +00:00
Fei Long Wang
d04d3122f8 Fix duplicated osprofile config for registry
Now when generating the config samples of Glance, glance-api.conf,
glance-glare.conf and glance-registry.conf will include duplicated
config options for osprofiler. It's because we're collecting
osprofiler's options at two places: etc/oslo-config-generator and
glance/opts.py. So to remove the duplication and keep consistenty
with the other options format, the patch removes the collecting
from etc/oslo-config-generator.

Change-Id: I45ef0bc8453cb8894dc245b8acf390b9ee0f6bfd
2016-07-06 10:02:30 +12:00
Brianna Poulos
e78ff4a92e Add image signature verification metadefs
Add the properties for signature verification to Glance's
Metadata Definitions Catalog.

These are defined as part of the merged spec at:
http://specs.openstack.org/openstack/glance-specs/specs/mitaka/approved/image-signing-and-verification-support.html

Change-Id: I749a31f67bdf0866e7349afcc60df490794f8736
2016-06-30 14:16:49 +00:00
Niall Bunting
969309ffae Change default policy to admin
From: https://review.openstack.org/#/c/309346/

"
I investigated the behaviour of the policy file when various policies
are removed.

A completely empty policy file will return a 403 Forbidden. As the user
will not match with any of the policies.

However, because glance has the policy ``default: ""``. It means that
any policy that is not explicitly stated in the the policy.json, is
by default usable by any member. I think that the ``default`` option
is a potentially bad thing to have in the policy.json file, due to the
ability to give permissions without explicitly stating it.
"

Therefore we should change ``"default": "",`` to ``"default":
"role:admin",``. To make sure that members don't inherit policies that
they shouldn't in the future. From a operators perspective it should be
more secure to have an opt-in rather than opt-out.

Change-Id: I57f9d4791126360079a941c1ff4cb2bbb86298d5
Closes-Bug: 1593177
2016-06-17 15:38:51 +00:00
Jamie Lennox
b0d0b1d0ba Use http-proxy-to-wsgi middleware from oslo.middleware
The HTTP_X_FORWARDED_PROTO handling fails to handle the case of
redirecting the /v1 request to /v1/ because it is handled purely by
routes and does not enter the glance wsgi code. This means a https
request is redirect to http and fails.

oslo.middleware has middleware for handling the X-Forwarded-Proto header
in a standard way so that services don't have to and so we should use
that instead of our own mechanism.

Leaving the existing header handling around until removal should not be
a problem as the worst that will happen is it overwrites an existing
'https' header value set by the middleware.

Closes-Bug: #1558683
Closes-Bug: #1590608
Change-Id: I481d88020b6e8420ce4b9072dd30ec82fe3fb4f7
2016-06-09 09:52:04 +10:00
Jenkins
8dd23d0b9c Merge "Incorrect title for Outbound Peak" 2016-06-02 05:29:55 +00:00
Niall Bunting
85375d46c7 Incorrect title for Outbound Peak
Changes the title to the correct one.

Change-Id: I6c71cd9a1489e4692cdfce252beda16b6e1c670a
Closes-Bug: 1587944
2016-06-01 16:50:20 +00:00
Jenkins
5be7a50fe0 Merge "Remove redundant store config from registry sample" 2016-06-01 11:30:23 +00:00
Nikhil Komawar
a0bddc9a70 Remove redundant store config from registry sample
Currently, the oslo config generator takes glance_store configs in
consideration while generating sample configs for the registry. Registry
doesn't really need these configs.

This patch removes the store config namespace from the oslo
config generator's setup to avoid regeneration of store section in
registry sample.

Sample configs have been regenerated using `tox -e genconfig` command to
make sure they reflect the change proposed. Only the
glance-registry.conf file has been refreshed as a part of this commit.

Closes-Bug: 1584350

Change-Id: I27c53d281dcd97a30c22a27c4833b24e1ca84f83
2016-05-31 18:05:40 -04:00
Dina Belova
790b01573a Use OSprofiler options consolidated in lib itself
Starting with 1.0.0 osprofiler release options needed for
its workability are consolidated inside osprofiler itself.
Let's use them.

Change-Id: Ib0266e0a6e9bfa99c4bacbdca623ab1211a822eb
2016-05-25 11:33:56 +03:00
Hemanth Makkapati
36936f8bc0 Add store opts to scrubber and cache sample conf
Add missing glance_store opts to sample conf files glance-scrubber.conf
and glance-cache.conf.

Change-Id: I123be151fdda8037e62ba21600e63c45fdc90c8d
Closes-Bug: #1568894
2016-04-11 10:10:32 -05:00
venkatamahesh
54153d79c2 Update the Administrator guide links with new ones
Change-Id: I4ec7cab23ffcd991160ac4930237fa50532724bf
2016-04-06 17:18:30 +05:30
Erno Kuvaja
9ef5ed125c Remove unused enable_v3_api config option
The option was used to enable experimental Artifacts API
that was moved to glance-glare service. This config option
does not do anything and is removed to avoid confusion.

Removed apropriate sections from example config files as well.

Change-Id: Ie84f3f65ec88fd30197758ac319ef5b2f4c313e2
Closes-bug: 1556050
2016-03-11 12:00:55 +00:00
Niall Bunting
1d459fda31 Update the config files
This should be the last time reordering happening by the
configgenerator. In future we should see only actual changes but to get
there we need to do this massive change once more.

Closes-Bug: 1553330
Change-Id: Icca0a94a40ba640ca75e01b5cd0d061dacd334ff
2016-03-09 10:31:57 +00:00
Jenkins
dc74368af3 Merge "Moved CORS middleware configuration into oslo-config-generator" 2016-03-07 19:31:34 +00:00
Jenkins
1f6ff26863 Merge "Deprecate use_user_token parameter" 2016-03-07 19:31:12 +00:00