Open Stack

On 12/6/2018 8:14 AM, Sean Mooney wrote:
>> 2. Would the user be able to PATCH the image to change the protected
>> value to false and then delete the image if they really wanted to?
> would they need too?
> if they wanted to delete the snapshot could thye not just delete the
> shelved instnace. if the snapshot is goin i assume we will not be able
> to unshvel
> it anyway by falling back to the base image or something like that so is
> there a usecase where deleteing the snap shot leave the shelved instance in a
> valid unshelvable state? if not i think setting the protected flag is ok to do.

I'm having a hard time understanding what you're saying. Are you saying, 
the user should delete the protected snapshot via deleting the shelved 
server? I don't think that's very clear. But yes you can't unshelve the 
instance if the image is deleted (or if the user does not have access to 
it, which is a separate bug [1675791]). I think you're just saying, the 
user shouldn't need to delete the protected shelve snapshot image and if 
they do, the server should be deleted as well.

>> The other problem with nova marking the image as protected is that if
>> the user deletes the server, the compute API tries to delete the
>> snapshot image [1] which would fail if it's still protected, and then we
>> could see snapshot images getting orphaned in glance. Arguably nova
>> could detect this situation, update the protected field to false, and
>> then delete the image.
> that seams sane to me. if nova set teh protected field when shelving the
> instance it shold be able to unprotect the snapshot when unshelving.

It's not unshelve, it's delete.

-- 

Thanks,

Matt