Re: [openstack-dev] [glance] Use Launcher/ProcessLauncher in glance

I've been looking at the most recent patch for this (https://review.openstack.org/#/c/117988/). I'm wondering what behaviour do folks feel is best in the following scenario? 1) an image download starts (download1) 2) send SIGHUP to glance-api 3) start another download (download2) 4)

[openstack-dev] [glance] 0.14.0 client - v2 requests broken

All, The 0.14.0 client breaks all v2 requests when pointed at a glance server which is running code which is more than a few days old (ie pretty much any production server). There's a band-aid patch here: https://review.openstack.org/#/c/120143/ and a longer term patch here:

Re: [openstack-dev] [glance] 0.14.0 client - v2 requests broken

On 09/10/2014 11:52 AM, stuart.mclaren at hp.com wrote: All, The 0.14.0 client breaks all v2 requests when pointed at a glance server which is running code which is more than a few days old (ie pretty much any production server). There's a band-aid patch here:

Re: [openstack-dev] [Glance] PTL Non-Candidacy

Hi Mark, Many thanks for your leadership, and keeping glance so enjoyable to work on over the last few cycles. -Stuart From: Mark Washenberger mark.washenber...@markwash.net To: OpenStack Development Mailing List openstack-dev@lists.openstack.org Subject: [openstack-dev] [Glance] PTL

[openstack-dev] [Glance] delayed delete and user credentials

Hi Pete, See the comments in patch set 5 for scrubber.py and also this documentation: https://review.openstack.org/#/c/59471/ -Stuart Message: 2 Date: Thu, 6 Feb 2014 11:56:28 -0700 From: Pete Zaitcev zait...@redhat.com To: OpenStack Dev OpenStack-dev@lists.openstack.org Subject:

[openstack-dev] [Glance] FFE Request: Allow enabling both v1 and v2 registries

Hi, Right now you can select running either the v1 or v2 registries but not both at the same time. I'd like to ask for an FFE for this functionality (Erno's patch in progress here: https://review.openstack.org/#/c/79957/) With v1 on the road to deprecation I think this may help migrating from a

[openstack-dev] [TripleO] proxying SSL traffic for API requests

All, I know there's a preference for using a proxy to terminate SSL connections rather than using the native python code. There's a good write up of configuring the various proxies here: http://docs.openstack.org/security-guide/content/ch020_ssl-everywhere.html If we're not using native

Re: [openstack-dev] [TripleO] proxying SSL traffic for API requests

Just spotted the openstack-ssl element which uses 'stunnel'... On Wed, 26 Mar 2014, stuart.mcla...@hp.com wrote: All, I know there's a preference for using a proxy to terminate SSL connections rather than using the native python code. There's a good write up of configuring the various

Re: [openstack-dev] [TripleO] proxying SSL traffic for API requests

Thanks Chris. Sounds like you're saying building out the apache element may be a sensible next step? -Stuart Hi We don't have a strong attachment to stunnel though, I quickly dropped it in front of our CI/CD undercloud and Rob wrote

[openstack-dev] [glance] 'ordereddict' requirement

All, There was a plan to use pypi's 'ordereddict' in Icehouse, to replace how we're currently providing that functionality. However, there are no ordereddict packages for Debian/Ubuntu and there are no plans to provide them. (See Thomas Goirand's comment here:

Re: [openstack-dev] [Nova][Glance] Support of v1 and v2 glance APIs in Nova

I'd just like to echo Tim Bell's comments. From a rolling upgrade perspective where you have Glance nodes behind a load balancer we'd probably need a way to manually 'hold back' on v1 until all nodes are upgraded to support v2 aswell. (Otherwise your auto-discovery may hit an upgraded node

Re: [openstack-dev] [Glance]: V2 api support for download_image policy?

Hi Abishek, download_image *should* apply to v2 in the same way as v1 I think. If that's not what you're seeing can you enter a bug (with details) in launchpad? https://bugs.launchpad.net/glance Typically you'd mark it with 'private security' but 'public security' makes sense now. Thanks!

[openstack-dev] [glance] multi-tenant store in Juno

All, On my devstack setup neither image upload or image download work for the Swift multi-tenant store in Juno (I'm getting E500s). I'd be interested if someone can confirm. With these changes upload/download worked for me: glance upload https://review.openstack.org/#/c/130757/ glance store

[openstack-dev] [glance] security and swift multi-tenant fixes on stable branch

All, The 0.1.9 version of glance_store, and glance's master branch both contain some fixes for the Swift multi-tenant store. This security related change hasn't merged to glance_store yet: https://review.openstack.org/130200 I'd like to suggest that we try to merge this security fix and

Re: [openstack-dev] [glance] security and swift multi-tenant fixes on stable branch

On 2014-11-13 18:28:14 +0100 (+0100), Ihar Hrachyshka wrote: [...] I think those who maintain glance_store module in downstream distributions will cherry-pick the security fix into their packages, so there is nothing to do in terms of stable branches to handle the security issue. [...] As a

[openstack-dev] [nova/glance] performance related change

All, This change: https://review.openstack.org/#/c/32562/ seems to have slipped off the radar, possibly because it has a '-1' -- but I'm waiting on some feedback before progressing. The patch can provide a good performance improvement (depending on your configuration): I measure 3x for image

[openstack-dev] [glance] FFE Request: Add swift_store_ssl_compression param

This change: https://review.openstack.org/#/c/32919/ is the final piece of a puzzle that allows a (potentially significant) performance improvement for image uploads (snapshots)/downloads when using ssl. Its the last change required for the following paths: (nova/cinder) - (glance client) -

[openstack-dev] Nominating Zhi Yan Liu for glance-core

+1 Hey, I would like to nominate Zhi Yan Liu(lzydev) for glance core. I think Zhi has been an active reviewer/contributor to the glance community [1] and has always been on top of reviews. Thanks for the good work Zhi! Iccha [1]

[openstack-dev] Nominating Fei Long Wang for glance core

+1 Hey, I would like to nominate Fei Long Wang(flwang) for glance core. I think Fei has been an active reviewer/contributor to the glance community [1] and has always been on top of reviews. Thanks for the good work Fei! Iccha [1]

[openstack-dev] [glance] zero downtime conf/kilo

All, The main zero downtime config patch has merged (thanks to everyone, especially Abhishek, for their help). There's a couple of small, follow on corner case patches, that, eg ensure a config change to logging (INFO-DEBUG) can be picked up dynamically. Are we planning/hoping to merge them

[openstack-dev] [glance] reminder to check 'Author' of patch set when reviewing

A quick reminder for Glance cores to check if the 'Author' changes between patch sets. When someone other than the original submitter uploads a new patch set they should, if appropriate, add themselves as a co-author rather than replace the original patch author. (It's the 'Author' rather than

[openstack-dev] [taskflow][glance][debian] Issue with ordereddict

Hi, Debian are hitting this issue https://bugs.launchpad.net/glance/+bug/1445827. Currently glance and glance_store include ordereddict in their requirements.txt. Since Glance no longer gates on py26 I think it should be ok to remove that requirement from glance and glance_store (both repos

[openstack-dev] [eventlet][requirements] Issue with eventlet = 0.17.2 and ssl

All, When using a version of python which has the new SSLContext (ie python 3, 2.7.9 and at least some 2.7.8 versions) this issue: https://github.com/eventlet/eventlet/issues/226 (where the combination of a newer python with https/eventlet and requests doesn't handle SSL certs propertly)

[openstack-dev] [infra][glanceclient][cinderclient] Problems with juno check jobs

Hi Gorka, Glance is seeing something very similar [3]. I've updated the two bugs ([1],[3]) with some extra info. Both issues seem to have started around April 7th. Would anyone from infra be able to take a quick look? Thanks, -Stuart [3] https://bugs.launchpad.net/glance/+bug/1442682

Re: [openstack-dev] [Glance][Keystone] Glance and trusts

On Jun 5, 2015, at 19:25, Bhandaru, Malini K malini.k.bhand...@intel.com wrote: Continuing with David?s example and the need to control access to a Swift object that Adam points out, How about using the Glance token from glance-API service to glance-registry but carry along extra data in

Re: [openstack-dev] [glance] V3 Authentication for swift store

Hi Jamie, Glance has another way of specifying the swift credentials for the single tenant store which may (?) be useful here. In glance-swift.conf you can specify something like: [ref1] user = tenant:user1 key = key1 auth_address = auth...@example.com which means that in the database 'ref1'

Re: [openstack-dev] [Nova] [Cinder] [Glance] glance_store and glance

I got zero responses on the mailing list raising a problem with Glance v2 [1]. I got zero responses on cross project meeting raising a problem with Glance v2 [2]. I'm very happy with my choice of words, because I think this hand slap on Glance is the first time I got acknowledgement in my

Re: [openstack-dev] [glance] V3 authentication to swift

Thanks for the heads up Jamie, I'll try to take a look. -Stuart Glancers, A while ago I wrote an email outlining a couple of ways we could support keystone v3 authentication when using swift as a backend for glance_store. In the long term it would be best to transition swiftclient to use

Re: [openstack-dev] [Glance] upcoming glanceclient release

I've compiled a list of backwards incompatabilities where the new client will impact (in some cases break) existing scripts: https://wiki.openstack.org/wiki/Glance-v2-v1-client-compatability On 27/08/15 15:32 -0400, Nikhil Komawar wrote: As a part of our continued effort to make the v2

Re: [openstack-dev] [Glance] upcoming glanceclient release

I've compiled a list of backwards incompatabilities where the new client will impact (in some cases break) existing scripts: https://wiki.openstack.org/wiki/Glance-v2-v1-client-compatability Awesome! To be honest there's a little more red there than I'd like. Of the 72 commands I tried,

Re: [openstack-dev] [glance] [nova] Verification of glance images before boot

The glance client (running 'inside' the Nova server) will re-calculate the checksum as it downloads the image and then compare it against the expected value. If they don't match an error will be raised. How can I know that the image that a new instance is spawned from - is actually the image

Re: [openstack-dev] [glance] proposed priorities for Mitaka

I've been looking into the existing task-based-upload that Doug mentions: can anyone clarify the following? On a default devstack install you can do this 'task' call: http://paste.openstack.org/show/462919 Yup. That's the one. as an alternative to the traditional image upload (the bytes are

Re: [openstack-dev] [glance] proposed priorities for Mitaka

After having some conversations with folks at the Ops Midcycle a few weeks ago, and observing some of the more recent email threads related to glance, glance-store, the client, and the API, I spent last week contacting a few of you individually to learn more about some of the issues confronting

Re: [openstack-dev] [glance] Models and validation for v2

We've been taking validation out as issues have been reported (it was removed from image-list recently for example). Removing across the board probably does make sense. Agree with you. That's why I am asking about reasoning. Perhaps, we need to realize how to get rid of this in glanceclient.

Re: [openstack-dev] [glance] Add Ian Cordasco back into glance-core

+1 I'm delighted to hear this. Welcome back Ian. +1 from me! Glad to have Ian back. On 12/7/15, 11:36 AM, "Flavio Percoco" wrote: > Greetings, > > Not long ago, Ian Cordasco, sent an email out stepping down from his > core roles as he didn't have the time to dedicate

Re: [openstack-dev] [python-glanceclient] Return request-id to caller

Excerpts from Flavio Percoco's message of 2015-12-09 09:09:10 -0430: On 09/12/15 11:33 +, Kekane, Abhishek wrote: Hi Devs, We are adding support for returning ?x-openstack-request-id? to the caller as per the design proposed in cross-project specs:

Re: [openstack-dev] [glance] Seeking FFE for "Support single disk image OVA/OVF package upload"

Hello Glance Team! Hope you had a wonderful vacation and wishing you health and happiness for 2016. Would very much appreciate your considering https://review.openstack.org/194868 for a feature freeze exception. I believe the spec is pretty solid, and we can deliver on the

Re: [openstack-dev] [glance] Seeking FFE for "Support single disk image OVA/OVF package upload"

Hello Glance Team! Hope you had a wonderful vacation and wishing you health and happiness for 2016. Would very much appreciate your considering https://review.openstack.org/194868 for a feature freeze exception. I believe the spec is pretty solid, and we can deliver on the

[openstack-dev] [glance] FFE for "Multi-tenant Swift store service token support"

Hi, I'd like to request an exception for this spec: https://review.openstack.org/#/c/170564/ -Stuart __ OpenStack Development Mailing List (not for usage questions) Unsubscribe:

Re: [openstack-dev] [glance][all] glance_store drivers deprecation/stabilization: Volunteers needed

On 11/01/16 15:52 -0500, Flavio Percoco wrote: Greetings, Gentle reminder that this is happening next week. Cheers, Flavio - Original Message - From: "Flavio Percoco" To: openstack-dev@lists.openstack.org Sent: Thursday, December 10, 2015 9:16:09 AM Subject:

Re: [openstack-dev] [cinder] v2 image upload from url

Sorry, can you give an example of the exact command you are using, please? On 5 Feb 2016 22:45, "Fox, Kevin M" wrote: We've been using the upload image from http url for a long time and when we upgraded to liberty we noticed it broke because the client's defaulting to v2

Re: [openstack-dev] [API] [Glance] New v2 Image Import

On 08/01/16 17:14 +, Ian Cordasco wrote: Hey all, Yo! Thanks for taking the time to read the spec and writing this email. Yes, the more eyes the better -- so thanks. Flavio asked me to document the various alternatives. At very least it's good to capture them in the spec.

[openstack-dev] [glance] PTL candidacy

Hi everyone, I'd like to be considered for Glance PTL. First: thanks (again) to Flavio for his leadership over the last cycle. Glance is in pretty good shape right now: we have a coherent team which is focussed on a well defined set of priorities. It's a relatively small team, but we're

Re: [openstack-dev] [Glance] Block subtractive schema changes

I think this makes sense (helps us spot things which could impact upgrade). Hi Glance Team, I have registered a blueprint [1] for blocking subtractive schema changes. Cinder and Nova are already supporting blocking of subtractive schema operations. Would like to add similar support here.

[openstack-dev] [glance] Hiatus

Hi, A change in focus means I'm going to be less involved upstream for the next while. I realise the timing isn't great for the DefCore image import stuff. I'm hoping someone else may be able to pick up where I've left off [1]. Thanks, -Stuart [1] https://review.openstack.org/#/c/312972,

[openstack-dev] [glance] Image import: operator plugins

Hi, As part of Glance's image import [1] work we need to define how operators can run site specific code as part of the import process. For example an operator may want to perform some site-specific validation on the image bits. Note that I'm not so much interested in what we use to do this (ie

Re: [openstack-dev] [Glance][Heat][Horizon] Glance v2 and custom locations

Hi Mike, Here's my $0.02 on setting locations directly: I think there will always be some (probably public cloud) operators who are wary of allowing regular users to do this. For this reason, and also because the API calls are backend specific (setting location isn't supported for a filesystem

Re: [openstack-dev] [Glance][Glare] External locations design

Hi Kairat, I think it's great to try and tease through the various issues here. I added some comments to the etherpad. -Stuart Hello all, I would like to start to describe some design decisions we made in Glare code (https://review.openstack.org/#/q/topic:bp/glare-api+status:open). If you

Re: [openstack-dev] [Glance][TC][Heat][App-Catalog][Murano][Tacker] Glare as a new Project

I think this makes sense. "Should Artifacts be part of Glance?" is something folks have been debating for several years now, with seemingly equal numbers on each side. Even though it was far from unanimous, several summits ago it was decided to aim for a a v3 Glance API which would support all