Instance files should be tombstoned and cleaned up later instead of immediately deleted
Bug #739601 reported by
Vish Ishaya
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Wishlist
|
Johannes Erdfelt |
Bug Description
This is a huge deployment concern. Recovering from accidental deletions by users is impossible if we immediately delete the instance files.
Changed in nova: | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in nova: | |
milestone: | none → essex-4 |
status: | Fix Committed → Fix Released |
Changed in nova: | |
assignee: | nobody → Johannes Erdfelt (johannes.erdfelt) |
Changed in nova: | |
milestone: | essex-4 → 2012.1 |
To post a comment you must log in.
Agree this is important.
Do you think there should be a administrative command that e.g. gets run in cron job or do you think we should schedule it ourselves somehow? I like the former, because it feels simpler and easier for everyone, but it's really just pushing more work onto the packagers / deployers.
Anyone from Rackspace want to weigh in with a recommended policy? Do we just leave the disk image lying around for - say - 24 hours? Do we archive it off to Swift? What happens if people launch and shut down a lot of machines quickly - could that DoS the cloud?