yahoo-eng-team team mailing list archive

[Brian Rosmaita <rosmaita.fossdev@xxxxxxxxx>]

Public bug reported:

Cinder allows encrypted volumes to be uploaded as images to Glance.
Nova has never supported the direct boot of such images; instead, the
user is supposed to use the image to create a volume, which can then be
booted from.

NOTE: Allowing such an instance to go 'active' allows it to be
snapshotted, leading to the problem described in Bug #1852106.

When a user does attempt to boot directly from such an image, the
instance goes 'active' but is unusable.  The end user will eventually
figure out what the problem is, but it would be better if the Compute
API rejected the boot request.

** Affects: glance
     Importance: Undecided
     Assignee: Brian Rosmaita (brian-rosmaita)
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1863611

Title:
  Nova allows direct boot of an image created from an encrypted cinder
  volume

Status in Glance:
  In Progress

Bug description:
  Cinder allows encrypted volumes to be uploaded as images to Glance.
  Nova has never supported the direct boot of such images; instead, the
  user is supposed to use the image to create a volume, which can then
  be booted from.

  NOTE: Allowing such an instance to go 'active' allows it to be
  snapshotted, leading to the problem described in Bug #1852106.

  When a user does attempt to boot directly from such an image, the
  instance goes 'active' but is unusable.  The end user will eventually
  figure out what the problem is, but it would be better if the Compute
  API rejected the boot request.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1863611/+subscriptions