I've been looking at the most recent patch for this
(https://review.openstack.org/#/c/117988/).
I'm wondering what behaviour do folks feel is best in the following scenario?
1) an image download starts (download1)
2) send SIGHUP to glance-api
3) start another download (download2)
4)
All,
The 0.14.0 client breaks all v2 requests when pointed at a glance server
which is running code which is more than a few days old (ie pretty much
any production server).
There's a band-aid patch here: https://review.openstack.org/#/c/120143/
and a longer term patch here:
On 09/10/2014 11:52 AM, stuart.mclaren at hp.com wrote:
All,
The 0.14.0 client breaks all v2 requests when pointed at a glance server
which is running code which is more than a few days old (ie pretty much
any production server).
There's a band-aid patch here:
Hi Mark,
Many thanks for your leadership, and keeping glance so enjoyable to work on
over the last few cycles.
-Stuart
From: Mark Washenberger mark.washenber...@markwash.net
To: OpenStack Development Mailing List
openstack-dev@lists.openstack.org
Subject: [openstack-dev] [Glance] PTL
Hi Pete,
See the comments in patch set 5 for scrubber.py and
also this documentation: https://review.openstack.org/#/c/59471/
-Stuart
Message: 2
Date: Thu, 6 Feb 2014 11:56:28 -0700
From: Pete Zaitcev zait...@redhat.com
To: OpenStack Dev OpenStack-dev@lists.openstack.org
Subject:
Hi,
Right now you can select running either the v1 or v2 registries but not
both at the same time. I'd like to ask for an FFE for this functionality
(Erno's patch in progress here: https://review.openstack.org/#/c/79957/)
With v1 on the road to deprecation I think this may help migrating from
a
All,
I know there's a preference for using a proxy to terminate
SSL connections rather than using the native python code.
There's a good write up of configuring the various proxies here:
http://docs.openstack.org/security-guide/content/ch020_ssl-everywhere.html
If we're not using native
Just spotted the openstack-ssl element which uses 'stunnel'...
On Wed, 26 Mar 2014, stuart.mcla...@hp.com wrote:
All,
I know there's a preference for using a proxy to terminate
SSL connections rather than using the native python code.
There's a good write up of configuring the various
Thanks Chris.
Sounds like you're saying building out the apache element may be a sensible
next step?
-Stuart
Hi
We don't have a strong attachment to stunnel though, I quickly dropped it in
front of our CI/CD undercloud and Rob wrote
All,
There was a plan to use pypi's 'ordereddict' in Icehouse, to
replace how we're currently providing that functionality.
However, there are no ordereddict packages for Debian/Ubuntu
and there are no plans to provide them. (See Thomas Goirand's comment
here:
I'd just like to echo Tim Bell's comments.
From a rolling upgrade perspective where you have Glance nodes behind
a load balancer we'd probably need a way to manually 'hold back' on v1
until all nodes are upgraded to support v2 aswell.
(Otherwise your auto-discovery may hit an upgraded node
Hi Abishek,
download_image *should* apply to v2 in the same way as v1 I think.
If that's not what you're seeing can you enter a bug (with details) in
launchpad?
https://bugs.launchpad.net/glance
Typically you'd mark it with 'private security' but 'public security'
makes sense now.
Thanks!
All,
On my devstack setup neither image upload or image download work
for the Swift multi-tenant store in Juno (I'm getting E500s).
I'd be interested if someone can confirm.
With these changes upload/download worked for me:
glance upload
https://review.openstack.org/#/c/130757/
glance store
All,
The 0.1.9 version of glance_store, and glance's master branch both
contain some fixes for the Swift multi-tenant store.
This security related change hasn't merged to glance_store yet:
https://review.openstack.org/130200
I'd like to suggest that we try to merge this security fix and
On 2014-11-13 18:28:14 +0100 (+0100), Ihar Hrachyshka wrote:
[...]
I think those who maintain glance_store module in downstream
distributions will cherry-pick the security fix into their
packages, so there is nothing to do in terms of stable branches to
handle the security issue.
[...]
As a
All,
This change: https://review.openstack.org/#/c/32562/ seems to
have slipped off the radar, possibly because it has a '-1' -- but
I'm waiting on some feedback before progressing.
The patch can provide a good performance improvement (depending on your
configuration): I measure 3x for image
This change:
https://review.openstack.org/#/c/32919/
is the final piece of a puzzle that allows a (potentially significant)
performance improvement for image uploads (snapshots)/downloads when
using ssl.
Its the last change required for the following paths:
(nova/cinder) - (glance client) -
+1
Hey,
I would like to nominate Zhi Yan Liu(lzydev) for glance core. I think Zhi has
been an active reviewer/contributor to the glance community [1] and has
always been on top of reviews.
Thanks for the good work Zhi!
Iccha
[1]
+1
Hey,
I would like to nominate Fei Long Wang(flwang) for glance core. I think Fei has
been an active reviewer/contributor to the glance community [1] and has
always been on top of reviews.
Thanks for the good work Fei!
Iccha
[1]
All,
The main zero downtime config patch has merged (thanks to everyone, especially
Abhishek, for their help).
There's a couple of small, follow on corner case patches, that, eg ensure a config
change to logging (INFO-DEBUG)
can be picked up dynamically.
Are we planning/hoping to merge them
A quick reminder for Glance cores to check if the 'Author' changes
between patch sets.
When someone other than the original submitter uploads a new patch set
they should, if appropriate, add themselves as a co-author rather than
replace the original patch author. (It's the 'Author' rather than
Hi,
Debian are hitting this issue https://bugs.launchpad.net/glance/+bug/1445827.
Currently glance and glance_store include ordereddict in their
requirements.txt. Since Glance no longer gates on py26 I think it should
be ok to remove that requirement from glance and glance_store
(both repos
All,
When using a version of python which has the new SSLContext (ie python 3, 2.7.9
and
at least some 2.7.8 versions) this issue:
https://github.com/eventlet/eventlet/issues/226
(where the combination of a newer python with https/eventlet and requests
doesn't handle
SSL certs propertly)
Hi Gorka,
Glance is seeing something very similar [3].
I've updated the two bugs ([1],[3]) with some extra info.
Both issues seem to have started around April 7th.
Would anyone from infra be able to take a quick look?
Thanks,
-Stuart
[3] https://bugs.launchpad.net/glance/+bug/1442682
On Jun 5, 2015, at 19:25, Bhandaru, Malini K malini.k.bhand...@intel.com
wrote:
Continuing with David?s example and the need to control access to a Swift
object that Adam points out,
How about using the Glance token from glance-API service to glance-registry but
carry along extra data in
Hi Jamie,
Glance has another way of specifying the swift credentials for the single
tenant store which may (?) be useful here.
In glance-swift.conf you can specify something like:
[ref1]
user = tenant:user1
key = key1
auth_address = auth...@example.com
which means that in the database 'ref1'
I got zero responses on the mailing list raising a problem with Glance v2 [1].
I got zero responses on cross project meeting raising a problem with Glance v2
[2].
I'm very happy with my choice of words, because I think this hand slap on
Glance is the first time I got acknowledgement in my
Thanks for the heads up Jamie, I'll try to take a look.
-Stuart
Glancers,
A while ago I wrote an email outlining a couple of ways we could support
keystone v3 authentication when using swift as a backend for glance_store. In
the long term it would be best to transition swiftclient to use
I've compiled a list of backwards incompatabilities where the new client
will impact (in some cases break) existing scripts:
https://wiki.openstack.org/wiki/Glance-v2-v1-client-compatability
On 27/08/15 15:32 -0400, Nikhil Komawar wrote:
As a part of our continued effort to make the v2
I've compiled a list of backwards incompatabilities where the new client
will impact (in some cases break) existing scripts:
https://wiki.openstack.org/wiki/Glance-v2-v1-client-compatability
Awesome!
To be honest there's a little more red there than I'd like.
Of the 72 commands I tried,
The glance client (running 'inside' the Nova server) will re-calculate
the checksum as it downloads the image and then compare it against the
expected value. If they don't match an error will be raised.
How can I know that the image that a new instance is spawned from - is
actually the image
I've been looking into the existing task-based-upload that Doug mentions:
can anyone clarify the following?
On a default devstack install you can do this 'task' call:
http://paste.openstack.org/show/462919
Yup. That's the one.
as an alternative to the traditional image upload (the bytes are
After having some conversations with folks at the Ops Midcycle a
few weeks ago, and observing some of the more recent email threads
related to glance, glance-store, the client, and the API, I spent
last week contacting a few of you individually to learn more about
some of the issues confronting
We've been taking validation out as issues have been reported (it was
removed from image-list recently for example).
Removing across the board probably does make sense.
Agree with you. That's why I am asking about reasoning. Perhaps, we need to
realize how to get rid of this in glanceclient.
+1
I'm delighted to hear this.
Welcome back Ian.
+1 from me! Glad to have Ian back.
On 12/7/15, 11:36 AM, "Flavio Percoco" wrote:
> Greetings,
>
> Not long ago, Ian Cordasco, sent an email out stepping down from his
> core roles as he didn't have the time to dedicate
Excerpts from Flavio Percoco's message of 2015-12-09 09:09:10 -0430:
On 09/12/15 11:33 +, Kekane, Abhishek wrote:
Hi Devs,
We are adding support for returning ?x-openstack-request-id? to the caller as
per the design proposed in cross-project specs:
Hello Glance Team!
Hope you had a wonderful vacation and wishing you health and
happiness for 2016.
Would very much appreciate your considering https://review.openstack.org/194868
for a feature freeze exception.
I believe the spec is pretty solid, and we can deliver on the
Hello Glance Team!
Hope you had a wonderful vacation and wishing you health
and happiness for 2016.
Would very much appreciate your considering
https://review.openstack.org/194868 for a feature freeze exception.
I believe the spec is pretty solid, and we can deliver on the
Hi,
I'd like to request an exception for this spec:
https://review.openstack.org/#/c/170564/
-Stuart
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe:
On 11/01/16 15:52 -0500, Flavio Percoco wrote:
Greetings,
Gentle reminder that this is happening next week.
Cheers,
Flavio
- Original Message -
From: "Flavio Percoco"
To: openstack-dev@lists.openstack.org
Sent: Thursday, December 10, 2015 9:16:09 AM
Subject:
Sorry, can you give an example of the exact command you are using, please?
On 5 Feb 2016 22:45, "Fox, Kevin M" wrote:
We've been using the upload image from http url for a long time and when
we upgraded to liberty we noticed it broke because the client's defaulting
to v2
On 08/01/16 17:14 +, Ian Cordasco wrote:
Hey all,
Yo!
Thanks for taking the time to read the spec and writing this email.
Yes, the more eyes the better -- so thanks.
Flavio asked me to document the various alternatives. At very least
it's good to capture them in the spec.
Hi everyone,
I'd like to be considered for Glance PTL.
First: thanks (again) to Flavio for his leadership over the last cycle.
Glance is in pretty good shape right now: we have a coherent team which
is focussed on a well defined set of priorities. It's a relatively small
team, but we're
I think this makes sense (helps us spot things which could impact upgrade).
Hi Glance Team,
I have registered a blueprint [1] for blocking subtractive schema changes.
Cinder and Nova are already supporting blocking of subtractive schema
operations. Would like to add similar support here.
Hi,
A change in focus means I'm going to be less involved upstream for the
next while.
I realise the timing isn't great for the DefCore image import stuff.
I'm hoping someone else may be able to pick up where I've left off [1].
Thanks,
-Stuart
[1] https://review.openstack.org/#/c/312972,
Hi,
As part of Glance's image import [1] work we need to define how operators
can run site specific code as part of the import process. For example
an operator may want to perform some site-specific validation on the
image bits.
Note that I'm not so much interested in what we use to do this (ie
Hi Mike,
Here's my $0.02 on setting locations directly:
I think there will always be some (probably public cloud) operators who
are wary of allowing regular users to do this. For this reason,
and also because the API calls are backend specific (setting location
isn't supported for a filesystem
Hi Kairat,
I think it's great to try and tease through the various issues here.
I added some comments to the etherpad.
-Stuart
Hello all,
I would like to start to describe some design decisions we made in Glare
code (https://review.openstack.org/#/q/topic:bp/glare-api+status:open). If
you
I think this makes sense.
"Should Artifacts be part of Glance?" is something folks have been
debating for several years now, with seemingly equal numbers on
each side.
Even though it was far from unanimous, several summits ago it was decided
to aim for a a v3 Glance API which would support all
49 matches
Mail list logo