This adds the CORS support middleware to Glance, allowing a deployer
to optionally configure rules under which a javascript client may
break the single-origin policy and access the API directly.
For Glance, the paste.ini method of deploying the middleware was
chosen, because it needs to be able to annotate responses created
by keystonemiddleware. If the middleware were explicitly included
as in the previous patch, keystone would reject the request before
the cross-domain headers could be annotated, resulting in an
error response that was unreadable by the user agent.
A special consideration has been made to accomodate Glance's
nonstandard configuration files, by using 'glance-api' as the
value of oslo_config_project in paste.ini. This is to trigger
automatic oslo configuration loading for paste-loaded middleware,
in order to ensure that it finds glance-api.conf rather than
glance.conf.
DocImpact: Add link to CORS configuration in Admin Guide
OpenStack CrossProject Spec:
http://specs.openstack.org/openstack/openstack-specs/specs/cors-support.html
Oslo_Middleware Docs:
http://docs.openstack.org/developer/oslo.middleware/cors.html
OpenStack Cloud Admin Guide:
http://docs.openstack.org/admin-guide-cloud/cross_project_cors.html
Change-Id: Icf5fb91a0b9e6736e70314c72c1c99c5f170ba53
A Docker image is a tar archive typically containing a container
filesystem. In order to use the nova-docker compute driver nova and boot
docker instances glance support of the docker container format is
required.
This patch adds the Docker container format to the Glance configuration.
DocImpact: Docs will need to be updated to indicate that the docker
container_format is now one of the default container formats supported
by Glance.
UpgradeImpact: Adds 'docker' to the default list of container_formats.
Operators will no longer need to configure specifically to use docker
containers.
Closes-Bug: #1519402
Change-Id: Ifa206686086232a5599e7bc27a852bc5f3186ebc
For each image, when user clicks on Edit Image --> Update Metadata, the list
of various available metadata categories and properties is displayed in a
pop-up window. For each category and property, a user-friendly description is
displayed at the bottom of the pop-up.
The description for "Common Operating System Properties" category says - "When
adding an image to Glance, you may specify some common image properties that
may prove useful to consumers of your image." This is too generic and seems
like a copy-paste of the description from glance-common-image-props.json that
the author later failed to update.
Fixing this to show a more meaningful message.
Change-Id: I5477b1702932e07ab1fd499204d3ff1348abba3b
Closes-Bug: #1483063
Example configs were missing keystone_authtoken section after moving
to generated config files. This change returns that to generation.
Closes-Bug: #1500361
Change-Id: I6ee82c38061d483cea7254d155d9a72436880e84
Adding taskflow_executor_opts into the opts so they will be included.
Closes-bug: #1496012
Depends-On: I52ebf810f4699826baa2bdf91d28e24d902cf950
Change-Id: I9c0988a70f691482258f5f3ba9a5cf5601a81ddf
Prior to this change, images were being scrubbed serially while
the image locations, if multiple, were being scrubbed parallely.
For the general case, this may not achieve much performance gain as
the number of images is likely to be more than the number of image
locations per image. Hence, this change attempts to parallelize
image scrubbing while leaving image locations to be scrubbed
serially.
Also, though eventlet greenpool was being used, greening the world
wasn't done. As is, it's unlikely to achieve the intended gains. So,
this change also monkey patches essential python modules.
Finally, this change also makes the pool size configurable. This
offers the flexibility to choose between serial or parallel
scrubbing. Also, parallel scrubbing can be regulated to a desired
level by altering the pool size.
DocImpact
Implements: blueprint scrub-images-in-parallel
Change-Id: I5f18a70cd427e2c1e19a6bddeff317a46396eecc
The present default role of Keystone is _member_.
This change add _member_ to sample conf.
DocImpact
Change-Id: I4dbbbe53c491288a8596d828799a0dac253a1552
Since v3 is still unstable and has experimental status it's
better to disable it by default for security reasons. This
commit does it by setting 'enable_v3_api=False'.
Also all required documentation was added to related sections.
DocImpact
Change-Id: I412d0645d667400333532123008a24966aa23880
The location of the content has changed on docs.openstack.org, adjust
URL.
Implements blueprint redesign-docs-site
Change-Id: Ib30ea987d950bcec693f0d3d906602eca84b0719
This metadef adds CPU pinning namespace and property to Nova::Flavor,
Glance::Image, Cinder::Volume(image) resource types metadata.
Change-Id: I215373648f7490faf35e44f5b98f9a2688c81e79
Closes-bug: #1476696
The Catalog Index Service added in the kilo cycle has been split into a new
project named searchlight. This code now lives in a seperate repository:
https://git.openstack.org/openstack/searchlight
For more information about the split, see the governance change:
I8b44aac03585c651ef8d5e94624f64a0ed2d10b2
DocImpact
UpgradeImpact
APIImpact
Change-Id: I239ac9e32857f6a728f40c169e773ee977cca3ca
Since is possible to create images with no
ramdisk_id, kernel_id parameters on glance v1,
then the schema-image.json needs to be modified to
allow null, string values for both attributes
and prevent LP #1447193 to happen with a glance v2
client.
APIImpact
Closes-Bug: #1447215
Related-Bug: #1447193
Change-Id: I645c797553ccaa84062f9ad28f2349ae738a0c96
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@canonical.com>
VC is an abbreviation commonly used, but incorrect for documentation.
The proper product name is vCenter and not VC.
TrivialFix
Change-Id: I53b883adf44ab749e6803730b2d5855a81dcf95f
Provide healthcheck middleware from oslo_middleware to be able to
disable given nodes from loadbalancer. It's achieved by adding a new
pipeline which depending on existing of the
/etc/glance/healthcheck_disable file can return one of the following
results:
- 200 OK (if file does not exist)
- 503 DISABLED BY FILE (if file exist)
The healthcheck is available under /healthcheck URL, and the whole
mechanism behave similar to the Swift healthcheck system.
implements bp: healthcheck-middleware
Co-Authored-By: Erno Kuvaja <jokke@usr.fi>
Co-Authored-By: Kamil Rykowski <kamil.rykowski@intel.com>
DocImpact
Change-Id: I45f6a8c59ec3040aaf06f8bab46d8001c44dac7a
In I9236cc85f4e9881ac1aa35d69bc6761a59c1b6c8 it was promised that the
default for digest_algorithm would change from sha1 to sha256. The sole
purpose of this commit is to upgrade the default to sha256 as promised.
DocImpact
SecurityImpact
Change-Id: I12be91db7b86e335a84c9ebed86dac3ba09051cb
This will add os_admin_user to the list of common properties for
operating systems metadata definition.
Commit I215bb82668df074141397909b58fa9189f46b4da is adding
os_admin_user to the list of image metadata it understands. As
a result, it's beneficial to also have that property defined
in the metadef.
Change-Id: I7cf70acf3c6a4f801b34d52926c444d05b79fd51
Implements: blueprint libvirt-set-admin-password
Bunch of glance source code files are marked as executable which is not
appropriate, this patch just 'chmod -x' to all of them.
Closes-Bug: #1468564
Change-Id: Iaa6ba2a4ec31994f528a191e480db202a96f0c67
Add a parameter to take advantage of the new(ish) eventlet socket timeout
behaviour. Allows closing idle client connections after a period of
time, eg:
$ time nc localhost 9292
real 1m0.063s
Setting 'client_socket_timeout = 0' means do not timeout.
DocImpact
Closes-bug: 1371022
Change-Id: I9e7edcbf25ece61dc16b8cd5a8bef5ed9a14e3d6
Adds REST API layer for Artifact Repository, binds all other changes
together.
Artifact Repository is run as a part of Glance api.
Requests are routed to /v3/artifacts endpoint on the api port.
API version in version selector is marked as experimental.
Registers artifacts service and a sample Artifact Type in Glance entry
points config.
Implements-blueprint: artifact-repository
FastTrack
Co-Authored-By: Inessa Vasilevskaya <ivasilevskaya@mirantis.com>
Co-Authored-By: Mike Fedosin <mfedosin@mirantis.com>
Co-Authored-By: Alexander Tivelkov <ativelkov@mirantis.com>
Change-Id: Ib6a0d2482208a37aa343a747dfe5f63f9080dd04
The vmware_ostype property is a string property defining the
available operating system types that can be associated with a
VM. The os types should be a enumeration rather than just a
free form string.
Change-Id: Ifa5d71299c34b4613adf0107eb3fadf25ec3e906
Commit I97147f8e0f749ee76f17569191e45eb520f7c88f added VirtualVmxnet3
to the list of supported network models. The glance compute metadata
definition should reflect that change.
Change-Id: I0e363233582584d5d7a62477603795a237f49b5c
Glance Search clients currently don't have
anyway to know what "types" are available.
Search clients need to know the "type" to
include in the search request for the
particular resource.
Change-Id: I8baed7c5183752b1f52f8050ce321aacec701f1c
Closes-Bug: #1439061
Since Juno, some new hardware properties have been added to Nova that
should be included in the Kilo versions of the metadef JSON files.
This bug, would add in new properties or objects found in Nova and update
properties or objects if the definitions have changed.
Closes-Bug: 1436877
Change-Id: I582827e666bece539674e4a191963ecf8ebf599f
Implements: blueprint catalog-index-service
* Glance Index and Search API Implementation
* Tool for indexing metadefinition resources and images from Glance
database into Elasticsearch index
Change-Id: I6c27d032dea094c7bf5a30b02100170e265588d9
Co-Authored-By: Lakshmi N Sampath <lakshmi.sampath@hp.com>
Co-Authored-By: Kamil Rykowski <kamil.rykowski@intel.com>
Co-Authored-By: Travis Tripp <travis.tripp@hp.com>
Co-Authored-By: Wayne Okuma <wayne.okuma@hp.com>
Co-Authored-By: Steve McLellan <steve.mclellan@hp.com>
Wikipedia's list of common misspellings [1] has a machine-readable
version. This patch fixes those misspellings mentioned in the list
which don't have multiple right variants (as e.g. "accension", which can
be both "accession" and "ascension"), such misspellings are left
untouched. The list of changes was manually re-checked for false
positives.
[1] https://en.wikipedia.org/wiki/Wikipedia:Lists_of_common_misspellings/For_machines
Change-Id: I6f549eb78998ead9b2f1a04e196e65b3f08f1be7
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
This change:
- Adds oslo.policy to the requirements list
- Accounts for changes in Enforcer initialization
- Accounts for changes to config options
- Removes incubated version of oslo.policy
- Updates the in-tree etc/config files
UpgradeImpact
Partially Implements Blueprint: graduate-policy
Change-Id: I5acb1e0f809098991f05ca3b6d78d4d88d98f2db
From Havana version glance was enhanced to be able to clean
pending-delete images up based on their location status db recorded [0].
So from the release, we don't really need two separated clean up logics
in scrubber internal any more - one logic to deal with booking file and
db, other one to handle db duplicately which I'm going to remove here.
[0]
https://wiki.openstack.org/wiki/ReleaseNotes/Havana#Multiple_Image_Locations
Change-Id: I6a1b42f4557d1822f049b2c88ce9f2c00d5c6483
Signed-off-by: Zhi Yan Liu <zhiyanl@cn.ibm.com>