[openstack-dev] [Heat]Updated summit etherpad: API-retry-with-idempotency
Zane Bitter
zbitter at redhat.com
Fri Nov 15 11:46:44 UTC 2013
On 13/11/13 23:35, Chris Friesen wrote:
> On 11/13/2013 04:19 PM, Zane Bitter wrote:
>
>> Of course the idempotency token *should* be just the name, but since
>> most projects have inexplicably chosen not to enforce unique names (in
>> tenant scope), we're in the odd position of requiring 3 ways to look up
>> any resource (by name, UUID, and idempotency token). That's bonkers, but
>> what can you do?
>
> Why would the idempotency token not be the UUID? Presumably that should
> be unique.
Yes, but you don't know the UUID until you know it, and by then it's too
late (the resource has been created). So the idempotency token has to be
something passed in by the user.
You could allow the user to supply the UUID (you would obviously check
it for uniqueness). There is however, many possible ways in which that
could go horribly wrong (e.g. if you sharded based on UUID, an attacker
might be able to exploit that to overload one of your machines; the
uniqueness check leaks information from other tenants, &c.)
cheers,
Zane.
More information about the OpenStack-dev
mailing list