Xena Series Release Notes

23.1.0

Bug Fixes

  • Bug #1979699: Fix the glance-cache-prefetcher command to set up access to backend stores when the multi store feature is used.

23.0.0

Prelude

The Xena release includes some important milestones in Glance development priorities.

  • Added support for unified quotas using keystone limits

  • Moved policy enforcement into the API layer

  • Implemented Secure RBAC project scope for metadef APIs

  • Fixed some important bugs around multi-store imports and precaching images

New Features

  • Glance now has per-tenant quota support based on Keystone unified limits for resources like image and staging storage, among other things. For more information about how to configure and use these quotas, refer to the relevant section of the Administrator Guide.

  • Glance’s default policies for metadef APIs now support member and reader roles for Secure RBAC project persona. Administrative operations like create, delete and update are still protected using the admin role on a project. Administrative actions will be updated in the future to consume system-scope.

Upgrade Notes

  • The database migration engine used by Glance for database upgrades was changed from SQLAlchemy Migrate to Alembic in the 14.0.0 (Ocata) release. Support for SQLAlchemy Migrate has now been removed. This means in order to upgrade from a pre-Ocata release to Xena or later, you must upgrade to Wallaby or earlier first.

Security Issues

  • The Xena release of Glance is a midpoint in the process of refactoring how our policies are applied to API operations. The goal of applying policy enforcement in the API will ultimately increase the flexibility operators have over which users can do what operations to which images, and provides a path for compliant Secure RBAC and scoped tokens. In Xena, some policies are more flexible than they once were, allowing for more fine-grained assignment of responsibilities, but not all things are possible yet. If enforce_secure_rbac is not enabled, most things are still enforcing the legacy behavior of hard and fast admin-or-owner requirements.

Bug Fixes

  • The cinder store lazy migration code assumed that the user performing the GET was authorized to modify the image in order to perform the update. This will not be the case for shared or public images where the user is not the owner or an admin, and would result in a 404 to the user if a migration is needed but not completed. Now, we delay the migration if we are not sufficiently authorized, allowing the first GET by the owner (or an admin) to perform it. See Bug 1932337 for more information.

  • Bug 1916052: Unable to create trust errors in glance-api

  • Bug 1934673: Policy deprecations falsely claims defaulting to role based policies

  • Bug 1922928: Image tasks API excludes in-progress tasks

  • Bug 1936665: Functional tests not available for metadef resource types

  • Bug 1895173: Caught error: UPDATE statement on table ‘image_properties’. expected to update 1 row(s); 0 were matched

  • Bug 1940090: options of the castellan library are missing from glance-api.conf

  • Bug 1885928: Unable to spawn VM from community image

  • Bug 1939307: glance-uwsgi - Add missing cache prefetching periodic job

  • Bug 1940733: [oslo_reports] options are missing from the config file generated by oslo-config-generator

  • Bug 1939944: The parameters of the healthcheck middlewares are missing from glance-api.conf