OpenStack Shared File Systems Service (Manila)

Microversions do not protect new clients talking to old servers well enough

Bug #1488624 reported by Ben Swartzlander on 2015-08-25

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Shared File Systems Service (Manila)	Fix Released	Critical	Andrew Kerr	OpenStack Shared File Systems Service (Manila) 1.0.0 "liberty"

Bug Description

One of primary purposes of microversions is to allow clients that understand microversions to determine if the server they are talking to understands the microversion that they speak. Clients should _expect_ REST APIs to fail if the server is too old to understand them.

Unfortunately existing old versions (such as Kilo) will simply ignore the microversion header and process the API as if it was a 1.0 request, even when the client explicitly asks for a higher version. This is because the URL didn't change from pre-microversions to post-microversions. We need to change the URL for microversioned requests to something that will definitely fail on older/existing versions of Manila, while continuing to support the old URL on the new server versions for backwards compatibility reasons (at least until we make the decision to complete the deprecation process for 1.0 and remove it altogether).

See original description

Ben Swartzlander (bswartz) on 2015-08-25

Changed in manila:
milestone:	none → liberty-rc1
importance:	Undecided → Critical
status:	New → Triaged

Clinton Knight (clintonk) on 2015-08-25

Changed in manila:
assignee:	nobody → Clinton Knight (clintonk)

Ben Swartzlander (bswartz) on 2015-08-25

description:

updated

Revision history for this message

Clinton Knight (clintonk) wrote on 2015-08-25:

Nova solved this problem by introducing /v2.1 in their URL path. But Ben doesn't want /v1.1 in the Manila URL path.

So what Ben wants is to introduce Manila v2 as the start of the microversions regime. This would require:

* Add /v2 to the URL map, connected to all the same /v1 API methods.
* Renumber the microversion sequence starting from 2.0.
* Update manilaclient to use v2.
* Update the versions API to reflect v2.
* Update tempest to use v2.
* Publish the new endpoint to Keystone.

What else?

Revision history for this message

Ben Swartzlander (bswartz) wrote on 2015-08-26:

Sounds like you covered it all. Personally, I would love to have removed the extensions before this change, but too much work would be required to achieve that. Extensions will need to be removed in some later microversion 2.X.

Clinton Knight (clintonk) on 2015-08-30

Changed in manila:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-03: Fix proposed to manila (master)

Fix proposed to branch: master
Review: https://review.openstack.org/220221

Changed in manila:
assignee:	Clinton Knight (clintonk) → Andrew Kerr (andrew-kerr)

OpenStack Infra (hudson-openstack) on 2015-09-03

Changed in manila:
assignee:	Andrew Kerr (andrew-kerr) → Clinton Knight (clintonk)

OpenStack Infra (hudson-openstack) on 2015-09-09

Changed in manila:
assignee:	Clinton Knight (clintonk) → Alex Meade (alex-meade)

OpenStack Infra (hudson-openstack) on 2015-09-09

Changed in manila:
assignee:	Alex Meade (alex-meade) → Andrew Kerr (andrew-kerr)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-09-10: Fix merged to manila (master)

Reviewed: https://review.openstack.org/220221
Committed: https://git.openstack.org/cgit/openstack/manila/commit/?id=dddc0688796c764888f98a3e3e6ba7ea3cbf1c98
Submitter: Jenkins
Branch: master

commit dddc0688796c764888f98a3e3e6ba7ea3cbf1c98
Author: Clinton Knight <email address hidden>
Date: Thu Aug 27 15:00:23 2015 -0400

Add v2 Manila API path as base for microversions

    To prevent a microversioned client from managing a non-microversioned
    Manila server, Manila must update its REST endpoints by adding /v2 for
    all microversioned APIs.

This commit does the following:

    * Add /v2 to the URL map, connected to all the same /v1 API methods
    * Renumber the microversion sequence starting from 2.0
    * Update the versions API to reflect v2
    * Publish the new endpoint to Keystone in the DevStack plug-in
    * Update relevant documentation
    * Update Tempest tests for microversions
    APIImpact
    Co-Authored-By: Andrew Kerr <email address hidden>
    Closes-Bug: 1488624
    Change-Id: I56a516b5f81914557dd2465746629431cfd6deac

Changed in manila:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2015-09-22

Changed in manila:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2015-10-15

Changed in manila:
milestone:	liberty-rc1 → 1.0.0

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.