Releases 0.1.11 and 0.1.12 are not backwards compatible and may cause data loss
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
glance_store |
Won't Fix
|
High
|
Unassigned |
Bug Description
With glance_store 0.1.10 glance-api.conf may have the following entry:
[DEFAULT]
default_store = swift
(ie not specified in the [glance_store] stanza)
A newly created image will have a 'swift' location such as:
| 3 | 59a06ad2-
If you update to either glance_store 0.1.11 or glance_store 0.1.12
with the same config:
[DEFAULT]
default_store = swift
and create a new image, that image will have a 'file' style location:
mysql> select * from image_locations;
| 8 | e39ab820-
This behaviour is problematic for a couple of reasons:
1) It violates the principle of least surprise
I haven't changed my config: isn't it reasonably to assume that I won't suddenly (and silently) start saving images somewhere else?
2) It fails silently
It would be easy to detect that someone is using the deprecated option and is about to get unexpected behaviour. Instead we carry on regardless.
3) Anyone deploying the new store will not see any problems in their internal gate
If your gate (ie jobs run to test code before it is merged) runs on a single node (likely) then you will see successful image upload/download behaviour and will not realise that the image is not stored in swift as expected.
4) Every single existing glance deployment will set the default_store parameter
To me it seems reasonable to assume that deprecating this parameter will catch out a significant number of users -- leading images to be stored on local filesystem, unpredictable behaviour, and, potentially, data loss. Considering the cost/benefit of deprecating this parameter I feel there is a strong case for not deprecating it/re-instating it.
An alternative is to raise an error if [DEFAULT] /default_ store is defined.