[Openstack-operators] Ocata glance configuration

Abel Lopez alopgeek at gmail.com
Wed Aug 16 16:26:28 UTC 2017


I'm having a real head-scratcher with Ocata glance right now.

v1 API is deprecated and marked for deletion in Pike, so creating images from a remote URL is not as easy as it used to be.

When using Horizon to create an image, setting the location as a remote URL fails to create the image, because we're not allowed to set locations anymore. The error in glance-api logs is

403 Forbidden
It's not allowed to add locations
if locations are invisible.


ok, So I learn that `show_multiple_locations` now defaults to False, and is marked as a deprecated option.
Setting this to `True` makes Horizon work create-image work, makes ceph instance snapshots work, etc.

But the glance team says this is wrong. They suggest configuring this via RBAC.
The default policy file has

"delete_image_location": "",
"get_image_location": "",
"set_image_location": "",

Which should mean "No restrictions", however without `show_multiple_locations=True` - Creating an image from URL or creating an instance snapshot with a ceph backend errors out.

 glance.api.v2.images There is not available location for image

So, according to https://review.openstack.org/#/c/313936/
We should be able to do this without this option, but how?

Any one else using Ocata glance with ceph backend?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20170816/1902074d/attachment.sig>


More information about the OpenStack-operators mailing list