Glance

Glance replicator assumes owner ids are identical on both glance servers

Bug #1030697 reported by Michael Still
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Won't Fix
Low
Unassigned

Bug Description

This is true if both glance servers share a common keystone installation, but is not true if there is a separate keystone per glance server. We need some sort of user translation implementation here.

Revision history for this message
Michael Still (mikal) wrote :

Actually, maybe that's not totally true... Can admin users in glance set the owner of an image to be some arbitrary other user? Or will the owner of any images created on the slave be the replication user by definition?

Revision history for this message
Brian Waldon (bcwaldon) wrote :

Images created in a glance environment are owned by the user making the request. The one exception is if that user is an Admin. Admins can explicitly set the owner at creation to any string.

Revision history for this message
Michael Still (mikal) wrote :

Yeah, I think it wouldn't be that unusual to run the replicator as an admin user if you were a service provider, so I guess we should attempt some sort of UUID lookup. If a normal user was running the replicator for just their images, then they'd expect to see the images in the slaves be owned by them, so that behaviour looks good in that case.

Revision history for this message
Brian Waldon (bcwaldon) wrote :

So this isn't a bug, right?

summary: - Glance replicator assumes user UUIDs are identical on both glance
- servers
+ Glance replicator assumes owner ids are identical on both glance servers
Changed in glance:
status: New → Incomplete
Revision history for this message
Michael Still (mikal) wrote :

Well, I guess its a feature request. Its a bunch of code though, because the replicator would have to go off and ask keystone for the user's UUID, which means implementing a ketstone client in the replicator (or linking to one). I don't think this is going to make it into folsom at the least.

Revision history for this message
Brian Waldon (bcwaldon) wrote :

Ok, we can revisit this in Grizzly.

Changed in glance:
status: Incomplete → Triaged
Michael Still (mikal)
Changed in glance:
assignee: Michael Still (mikalstill) → nobody
Revision history for this message
Tom Fifield (fifieldt) wrote :

How did the grizzly revisit go?

Revision history for this message
Sean McGinnis (sean-mcginnis) wrote :

Is this still an issue that needs to be addressed?

Changed in glance:
status: Triaged → Incomplete
Revision history for this message
Cyril Roelandt (cyril-roelandt) wrote :

The Glance replicator has been deprecated for a while, we won't be looking into this issue.

Changed in glance:
status: Incomplete → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.