yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1807110] Re: Shelved instance image/snapshot is not protected from deletion

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Matt Riedemann <mriedem.os@xxxxxxxxx>
Date: Thu, 06 Dec 2018 12:35:28 -0000
Reply-to: Bug 1807110 <1807110@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Hmm, this is an interesting point. Setting the protected=true flag on
the image seems like a good solution, except I don't see any kind of
force delete option for images. Would a user be able to change the
protected value from true to false if they really knew what they were
doing and wanted to delete the snapshot image? It's unclear to me from
reading the docs on updating an image and the image schema:

https://developer.openstack.org/api-ref/image/v2/index.html#update-image

https://developer.openstack.org/api-ref/image/v2/index.html#show-image-
schema

This should probably be discussed on the mailing list to get wider input
as this would also be an API behavior change for shelve.

** Tags added: shelve

** Changed in: nova
       Status: New => Opinion

** Changed in: nova
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1807110

Title:
  Shelved instance image/snapshot is not protected from deletion

Status in OpenStack Compute (nova):
  Opinion

Bug description:
  When shelving an instance with nova storage (instead of boot from
  volume), a glance snapshot of the VM is created before it is shelved.

  The user is free to delete this snapshot with no warning, indication
  or error that the snapshot is needed by the shelved instance other
  than the name (being VMNAME-shelved).

  Shelved images should be protected from deletion, ideally by
  indicating they are in use by the shelved instance or at the very
  least we could set (and perhaps not allow unsetting) the 'protected'
  flag.

  This results in data loss when the user inadvertently deletes the
  snapshot, not realizing it is required for the shelved instance. While
  it's technically user-induced and not spontaneous, a reasonable user
  would expect a warning or indication in such a case.

  This bug probably crosses over into glance rather than just nova,
  however, nova would likely need to at least partially orchestrate such
  a protection, so I am filing the bug against nova initially.

  == Steps to reproduce ==
   (1) openstack server create --flavor m1.small --image xenial --network tenant --wait test-a
   (2) openstack shelve test-a # wait
   (3) openstack image delete test-a-shelved --wait # Received: NO ERROR, Expected: ERROR
   (4) openstack server unshelve test-a # ERROR (cannot find image)

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1807110/+subscriptions

References

[Bug 1807110] [NEW] Shelved instance image/snapshot is not protected from deletion
From: Trent Lloyd, 2018-12-06