Jump to: navigation, search

Glance/Cinder-store-proposal

< Glance
Revision as of 14:23, 9 April 2014 by Alex Meade (talk | contribs)

Glance Cinder Driver

There is currently a Cinder store in Glance, however it does not support uploads and downloads. This is a proposal to allow Cinder to act as a data store for Glance images that supports upload and download by using Cinder volumes as containers for image data. There would be a 1-to-1 mapping of Glance images to Cinder volumes.

What are the benefits of this approach?

This will allow Glance to store images on the various SAN and NAS storage systems that are supported by Cinder. It also allows for storing images as block devices to enable the features mentioned in the "Subsequent Features" section of this wiki page.

How do you configure Glance on Cinder?

These new configuration options will need to be added to the current Cinder store options:

  • cinder_store_tenant - string - The Cinder tenant in which to store images
  • cinder_store_user - string - The Cinder user used to access Cinder
  • cinder_store_key - string - The Cinder key used to access Cinder
  • cinder_volume_type - string - The uuid of the volume type to assign to volumes created by Glance

How would an image upload work?

Glance-cinder-upload.png

1. The user begins streaming the image data to Glance as usual.
2. Make a request to the Cinder API to create a new volume with the configured volume type.
3. Attach the newly created volume to the Glance node using the Brick library.
4. Stream the incoming bits into the volume.
5. Detach the volume from the Glance node using the Brick library, set the image location to "cinder://<volume-uuid>', and return image details to the user.

How would an image download work?

Glance-cinder-download.png

1. The user sends a request to download the image
2. Retrieve the backend volume id from the image location and attach the volume to the Glance node using Brick library
3. Stream the bits from the volume to the user
4. Detach the volume from the glance node using Brick library

How would a Nova boot work?

Nova would download the image via Glance without needing knowledge that Cinder is storing the images.

Single tenant vs Multi tenant? How do we prevent the volume being deleted/changed out from under Glance?

Single-tenant

The Cinder store will only allow for 'single-tenant' use. Glance will use the credentials and tenant provided in glance-api.conf to create and attach to volumes. Credentials will not be stored in the image location. Volumes cannot be deleted without the Glance service knowing since only the glance user will have access to it's volumes in Cinder.
Multi-tenant, I.E. storing volumes in the users tenant, should not be supported because:

  • There is no way to support image sharing
  • Reauthentication due to the user token expiring would present problems
  • There is no way to prevent users from deleting/modifying volumes without Glance having knowledge.

How do we allow for Image Sharing?

This is trivial because the service user will have access to all image volumes in cinder.

What are the dependencies for this change?

Example Configuration

Subsequent Features

Bootable Volumes via Glance

This proposal is to allow Glance to create bootable volumes when using Cinder as a backend store.

When set, all images that are uploaded to cinder of the following formats will be set as bootable volumes: Example configuration: bootable_volume_formats = ‘raw’, ‘qcow2’

Boot from Volume via Image

This proposal is to allow nova to boot directly from an image stored as a bootable volume (boot from volume)