[openstack-dev] [nova] locked instances and snaphot
melwitt at outlook.com
Mon Jun 16 19:28:16 UTC 2014
Recently a nova bug  was opened where the user describes a scenario where an instance that is locked is still able to be snapshotted (create image and backup). In the case of Trove, instances are locked "...to ensure integrity and protect secrets which are needed by the resident Trove Agent." However, the end-user can still take a snapshot of the instance to create an image while it's locked, and restore the image later. The end-user then has access to the restored image.
During the patch review, a reviewer raised a concern about the purpose of instance locking and whether prevention of snapshot while an instance is locked is appropriate. From what we understand, instance lock is meant to prevent unwanted modification of an instance. Is snapshotting considered a logical modification of an instance? That is, if an instance is locked to a user, they take a snapshot, create another instance using that snapshot, and modify the instance, have they essentially modified the original locked instance?
I wanted to get input from the ML on whether it makes sense to disallow snapshot an instance is locked.
More information about the OpenStack-dev