← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #60326

[Bug 1655030] [NEW] AggregateImagePropertiesIsolation can be circumvented using Boot from Volume

  Thread PreviousDate PreviousThread Next 
Public bug reported:

I have set up AggregateImagePropertiesIsolation to boot certain images on one compute node only. It works.
However, when I use Boot from Volume, the VM is launched on any node, although volume_image_metadata of the volume contains the image ID, such as:

volume_image_metadata = {u'container_format': u'bare', u'min_ram': u'0',
u'disk_format': u'qcow2', u'image_name': u'windows', u'image_id':
u'f6add2c7-52c0-46f1-97a5-3c30562fb9b3', u'checksum':
u'a11bdae56c6bb8b864fcaf35d4e1e9bb', u'min_disk': u'16', u'size':
u'10131734528'}

I think this makes the AggregateImagePropertiesIsolation filter next to
useless and will make me resort to aggregate segregation by flavor.

I think the problem is in the function get_image_metadata_from_volume. It only copies the properties size, min_ram, and min_disk and not the custom properties used for filtering with AggregateImagePropertiesIsolation
http://code.metager.de/source/xref/OpenStack/nova/nova/utils.py#1338

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1655030

Title:
  AggregateImagePropertiesIsolation can be circumvented using Boot from
  Volume

Status in OpenStack Compute (nova):
  New

Bug description:
  I have set up AggregateImagePropertiesIsolation to boot certain images on one compute node only. It works.
  However, when I use Boot from Volume, the VM is launched on any node, although volume_image_metadata of the volume contains the image ID, such as:

  volume_image_metadata = {u'container_format': u'bare', u'min_ram':
  u'0', u'disk_format': u'qcow2', u'image_name': u'windows',
  u'image_id': u'f6add2c7-52c0-46f1-97a5-3c30562fb9b3', u'checksum':
  u'a11bdae56c6bb8b864fcaf35d4e1e9bb', u'min_disk': u'16', u'size':
  u'10131734528'}

  I think this makes the AggregateImagePropertiesIsolation filter next
  to useless and will make me resort to aggregate segregation by flavor.

  I think the problem is in the function get_image_metadata_from_volume. It only copies the properties size, min_ram, and min_disk and not the custom properties used for filtering with AggregateImagePropertiesIsolation
  http://code.metager.de/source/xref/OpenStack/nova/nova/utils.py#1338

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1655030/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next