Victoria Series Release Notes

21.1.0

Bug Fixes

  • Bug 1913625: Glance will leak staging data

  • Bug 1914826: web download with invalid URL does not report error

  • Bug 1916052: Unable to Create trust errors in glance-api

  • Bug 1930597: Doc for “Configuring SSL Support” outdated in glance

21.0.0

Prelude

The Victoria release includes some important milestones in Glance development priorities.

  • Added support to calculate virtual size of image based on disk format

  • Added support for sparse image upload for filesystem and rbd driver of glance_store

  • Improved performance of rbd store chunk upload

  • Fixed some important bugs around copy-image import method and importing image to multiple stores

  • Added support to configure multiple cinder stores

New Features

  • Added support for Cinder multiple stores.

  • Added policy support to allow copying image to multiple stores, even if those images are not owned by the current user’s project.

  • Added support to calculate virtual size of image based on disk format

  • Added support for sparse image upload for filesystem and RBD driver

  • Improved performance of rbd store chunk upload

  • Added support to configure multiple cinder stores

Upgrade Notes

  • The glance-replicator options mastertoken and slavetoken were deprecated in the Pike release cycle. These options have now been removed. The options sourcetoken and targettoken should be used instead.

  • During upgrade from single Cinder store to multiple Cinder stores, legacy images location URL will be updated to the new format with respect to the volume type configured in the stores. Legacy location URL: cinder://<volume-id> New location URL: cinder://<store-id>/<volume-id>

  • After upgrading, deployments using the Cinder backend should update their config to specify a volume type. Existing images on those backends will be updated at runtime (lazily, when they are first read) to a location URL that includes the store and volume type information.

Deprecation Notes

  • This release removes endpoints and config options related to glance-registry. Including but not limited to config option ‘data-api’ which has no production supported options left. SimpleDB has not been supported since moving DB migrations to alembic and registry is removed. All registry specific options and config files have been removed. ‘glance-registry’ command has been removed.

  • The deprecated ‘enable_v2_api’ config option has been removed.

  • The Image checksum property contains an MD5 hash of the image data associated with an image. MD5 has not been considered secure for some time, and in order to comply with various security standards (for example, FIPS), an implementation of the MD5 algorithm may not be available on Glance nodes.

    The secure “multihash” image properties, os_hash_algo and os_hash_value have been available on images since glance version 17.0.0 (Rocky). Until this point, the MD5 checksum property has been populated solely for backward compatibility. It is not, however, necessary for validating downloaded image data.

    Thus, we are announcing the DEPRECATION in this release of the image checksum property. It will remain as an image property, but beginning with the Victoria release, the checksum will not be populated on new images.

    Users should instead rely on the secure “multihash” to validate image downloads. The python-glanceclient, for example, has been using multihash validation (with an optional MD5 fallback) since version 2.13.0 (Rocky).

Bug Fixes

  • Bug 1881958: read-only http store should not be used if –all-stores specified for import/copy image workflow

  • Bug 1889640: Image import might result ‘active’ image with no data.

  • Bug 1889676: “stores” can be set as property breaking multistore indication of stores where the images are present

  • Bug 1887994: Mixed message in admin docs to deploy under httpd

  • Bug 1884596: A change was added to the import API which provides time-based locking of an image to exclude other import operations from starting until the lock-holding task completes. The lock is based on the task that we start to do the work, and the UUID of that task is stored in the os_glance_import_task image property, which indicates who owns the lock. If the task holding the lock fails to make progress for 60 minutes, another import operation will be allowed to steal the lock and start another import operation.

  • Bug 1885725: ‘copy-image’ import job should not run additional plugins

  • Bug 1888349: glance-cache-manage utility is broken

  • Bug 1886374: Improve lazy loading mechanism for multiple stores

  • Bug 1885003: Interrupted copy-image may break a subsequent operation

  • Bug 1884587: image import copy-image API should reflect proper authorisation

  • Bug 1876419: Failed to parse JSON file /etc/glance/metadefs/compute-vmware.json

  • Bug 1856581: metadefs: OS::Glance::CommonImageProperties out of date

  • Bug 1843576: Glance metadefs is missing Image property hw_vif_multiqueue_enabled

  • Bug 1856578: docs: image schema customisation restrictions

  • Bug 1808814: admin docs: interoperable image import revision for Stein

  • Bug 1870336: Update ‘common image properties’ doc

  • Bug 1888713: Async tasks, image import not supported in pure-WSGI mode

  • Bug 1891190: test_reload() functional test causes hang and jobs TIMED_OUT

  • Bug 1891352: Failed import of one store will remain in progress forever if all_stores_must_succeed=True

  • Bug 1887099: Invalid metadefs for watchdog

  • Bug 1795950: Fix cleaning of web-download image import in node_staging_uri

  • Bug 1895663: Image import “web-download” doesn’t check on download size