Interrupted copy-image may break a subsequent operation
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Glance |
Fix Released
|
High
|
Unassigned | ||
| Ussuri |
Fix Committed
|
High
|
Unassigned | ||
| Victoria |
Fix Released
|
High
|
Unassigned | ||
Bug Description
Consider this scenario:
1. Upload image to glance to one store, everything is good
2. Start an image_import(
3. Power failure, network failure, or `killall -9 glance-api`
4. After the failure, re-request the copy-to-store
At this point, one of two cases will happen (we think) depending on the copy request:
5a. If all_stores_
6a. After we copy what was in the staging area to the new store, we will compare the size to that of the actual image, see that it is wrong and fail the operation
7a. The residue in the staging area will be deleted, but the storage on the backend will neither be updated in locations nor deleted, which is a LEAK (bad).
8a. The user could retry and it should succeed this time because the staging residue is gone, but the storage was leaked in the above step.
the other option is:
5b. If all_stores_
6b. After we copy what was in the staging area to the new store and compare the size, we will fail the operation
7b. We will not delete the residue from the staging dir, but _will_ delete the backend storage, avoiding the leak.
8b. The user will retry, which will repeat the same and fail again, over and over.
| summary: |
- Interrupted copy-to-store may corrupt a subsequent operation + Interrupted copy-to-store may break a subsequent operation or worse |
| description: | updated |
| description: | updated |
| summary: |
- Interrupted copy-to-store may break a subsequent operation or worse + Interrupted copy-image may break a subsequent operation or worse |
| Changed in glance: | |
| importance: | Undecided → High |
| summary: |
- Interrupted copy-image may break a subsequent operation or worse + Interrupted copy-image may break a subsequent operation |
| OpenStack Infra (hudson-openstack) wrote Fix merged to glance (master) | #1 |
| Changed in glance: | |
| status: | In Progress → Fix Released |
| OpenStack Infra (hudson-openstack) wrote Fix merged to glance (stable/ussuri) | #2 |
Reviewed: https:/
Committed: https:/
Submitter: Zuul
Branch: master
commit 22d8f1fcbf4325d
Author: Abhishek Kekane <email address hidden>
Date: Wed Jun 24 19:44:54 2020 +0000
Fix: Interrupted copy-image leaking data on subsequent operation
If copying existing image in other stores fails while staging the data to
staging directory due to power, network or any other reason. Then
subsequent try may lead to data leaks in stores.
To fix this, added check of the actual image size with the size
of image file present in the staging area. If it does not match
then delete the image file from staging area so that the entire
image will be staged again.
Change-Id: I44bfefb6eee421
Closes-Bug: #1885003