Zed Series Release Notes

25.0.0

Prelude

The Zed release includes some important milestones in Glance development priorities. * Extended the functionality of stores-detail API * Added glance-download internal plugin to download the image from remote glance * Added support for immediate caching of an image * Removed dead code of auth and policy layers

New Features

  • Glance to glance image import plugin. With this release, users can import an image from another Glance server from another OpenStack region. The two glance services must use the same keystone service. The feature use the same Keystone authentication token on both Glance services and copy by default container_format, disk_format and customizable properties from source image ['hw_', 'trait:', 'os_distro', 'os_secure_boot', 'os_type']

  • “glance-manage” purges all deleted rows if “–max_rows” equals -1

  • When the Glance image cache is being used, the CURRENT version of the Image service API, as indicated in the GET /versions response, is 2.16.

  • This release brings expansion in the functionality of stores-detail API. The store’s detail API will list the way each store is configured, whereas previously this worked only for the RBD store. The API remains admin-only by default as it exposes backend information.

  • Added support to immediately start caching an image.

  • The Glance policies have been modified to drop the system scope. Every API policy is scoped to the project. This means that system-scoped users will get a 403 permission denied error.

    Also, the project reader role is ready to use. Users with reader role can only perform the read-only operations within their project. This role can be used for audit purposes.

    For the details on what changed from the existing policy, please refer to the RBAC new guidelines. We have implemented only phase-1 of the RBAC new guidelines. Currently, scope checks and new defaults are disabled by default. You can enable them by switching the below config option in glance.conf file:

    [oslo_policy]
    enforce_new_defaults=True
    enforce_scope=True
    

    We recommend enabling both scopes as well new defaults together otherwise you may experience some late failures with unclear error messages.

Upgrade Notes

  • The Image service API call PUT /v2/cache/{image_id} now returns a 202 (Accepted) response code to indicate success. In glance 24.0.0 (the initial Yoga release), it had mistakenly returned a 200.

  • The Image service API call DELETE /v2/cache/{image_id} and DELETE /v2/cache now returns a 204 (No Content) response code to indicate success. In Glance 24.0.0 (the initial Yoga release), it had mistakenly returned a 200.

  • Python 3.6 & 3.7 support has been dropped. The minimum version of Python now supported is Python 3.8.

  • Periodic job to prefetch image(s) into cache has been removed from the Glance API service with config option cache_prefetcher_interval which was added as an interval for the same periodic job also been removed as image(s) will be immediately queued for caching.

  • As Glance relies on oslo.middleware for this feature, care needs to be taken that it is configured properly from this release forward.

Deprecation Notes

  • Removed the deprecated ‘secure_proxy_ssl_header’ config option. Image import will be always enabled from this release onwards as designed.

Critical Issues

  • Correction of API response code for PUT /v2/cache/{image_id} from HTTP 200 to HTTP 202. (Bug 1971521)

Bug Fixes

  • Bug 1972666: Added cli_opts and cache_opts to support configgen to pick all groups from wsgi.py

  • Bug 1971521: Fixed the success response code of the REST API call PUT /v2/cache/{image_id} to be 202 (Accepted), following the original design of the feature.

  • Bug #1979699: Fix the glance-cache-prefetcher command to set up access to backend stores when the multi store feature is used.

  • Bug 1980049: Fixed the success response code of the REST API call DELETE /v2/cache/{image_id} and DELETE /v2/cache to be 204 (No Content), following the original design of the feature.

  • Bug 1875629: api-ref needs update about checksum image property

  • Bug 1971176: api-ref: cache manage needs improvements

  • Bug 1973631: List call for metadef namespaces returns 404 not found while fetching resource_types

  • Bug 1939922: Internal server error if shared member tries to stage data to image

  • Bug 1636243: Add CPU Mode Metadata Def

  • Bug 1973136: glance-multistore-cinder-import is failing consistently

  • Bug 1962581: bad default value for [wsgi] /python_interpreter option

  • Bug 1962480: api-ref: versions response needs an update

  • Bug 1946100: [oslo_limit] parameters are missing from glance-api.conf

  • Bug 1905672: Non-existing property protection file raises 500 Internal server error

  • Bug 1982426: Python3.11: “glance-manage” crashes