[Openstack-operators] How to handle updates of public images?

Igor Bolotin igor_bolotin at symantec40.com
Sat Feb 7 21:38:07 UTC 2015


I'm not sure making image private or downgrading to community sharing is
the right concept for this.

I agree with community sharing. I think being able to distinguish between
public officially supported provider images and public, but not supported
by cloud provider is definitely needed.

However - retiring/hiding/archiving/deactivating (pick your term) outdated
public or community image (especially when it has known vulnerabilities) -
is part of managing image life-cycle vs. image sharing that
public/private/shared/community addresses.

There is another bp that seem to be very similar to this idea, but it
focused on disabling download rather than hiding image:
https://review.openstack.org/#/c/132717/

Best regards,
Igor


On Sat, Feb 7, 2015 at 12:35 PM, Louis Taylor <kragniz at gmail.com> wrote:

> On Sat, Feb 07, 2015 at 10:36:55AM -0800, Igor Bolotin wrote:
> > Going back to the idea of archiving images and not allowing launch of new
> > VMs and hiding archived images by default in Horizon/CLI (maybe still can
> > list/show if requested, possibly admin function only). Would it make
> sense
> > to propose this as a blueprint for the next release?
>
> There is currently a spec under review [1] for a new type of image which
> covers
> some of the usecases in this thread. Momentumn has fallen off on working
> on it,
> but with a little luck it should be in the Kilo release. Further comments
> and
> feedback on that spec may be helpful in moving it along and getting it
> ready in
> time.
>
> The basic idea is that the old images are moved from being public images to
> 'community' images, which remain bootable, but not visible in normal user
> listings.
>
> Louis
>
> [1] https://review.openstack.org/#/c/124050/11
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>


-- 
Best regards,
Igor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150207/1d5940dd/attachment.html>


More information about the OpenStack-operators mailing list