tacker

image_utils: ImageUnacceptable exception during creating volume

Bug #2008064 reported by Ayumu Ueha on 2023-02-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	tacker	Fix Released	Undecided	Ayumu Ueha

Bug Description

In Zuul CI of Tacker project, the following error occur in c-vol process since 21th Feb 2023.

```
ERROR cinder.volume.volume_utils Traceback (most recent call last):
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/volume/volume_utils.py", line 1209, in copy_image_to_volume
ERROR cinder.volume.volume_utils driver.copy_image_to_volume(
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/volume/drivers/lvm.py", line 517, in copy_image_to_volume
ERROR cinder.volume.volume_utils image_utils.fetch_to_raw(context,
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/image/image_utils.py", line 831, in fetch_to_raw
ERROR cinder.volume.volume_utils fetch_to_volume_format(context, image_service, image_id, dest, 'raw',
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/image/image_utils.py", line 978, in fetch_to_volume_format
ERROR cinder.volume.volume_utils convert_image(tmp, dest, volume_format,
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/image/image_utils.py", line 478, in convert_image
ERROR cinder.volume.volume_utils check_image_format(source, src_format, image_id, data, run_as_root)
ERROR cinder.volume.volume_utils File "/opt/stack/cinder/cinder/image/image_utils.py", line 758, in check_image_format
ERROR cinder.volume.volume_utils raise exception.ImageUnacceptable(
ERROR cinder.volume.volume_utils cinder.exception.ImageUnacceptable: Image 4d0e2375-2eee-4d73-b947-06d2aa816670 is unacceptable: The image format was claimed to be 'raw' but the image data appears to be in a different format.
```
Please refer to the attached file for the whole log. Attached log is obtained from the following CI results:
https://zuul.opendev.org/t/openstack/build/03988823bb6a41459839a900970312f0/logs

Previously, this error did not occur with the same data.
Is there any related fixes on Feb 20th-21th?

It is difficult to analyze from now on for us, so I will report the situation as a bug report.
As it is just before RC1, I expect a quick solution. Thanks.

CVE References

2022-47951

Revision history for this message

Ayumu Ueha (ueha) wrote on 2023-02-22:

screen-c-vol.txt Edit (2.7 MiB, text/plain)

Revision history for this message

Brian Rosmaita (brian-rosmaita) wrote on 2023-02-22:

Yes, we made a change to address CVE-2022-47951, and released new cinder on all stable branches.

See the second bullet point in the "Security Issues" section of the release notes:
https://docs.openstack.org/releasenotes/cinder/zed.html#security-issues

Can you provide the output of an image-show on 4d0e2375-2eee-4d73-b947-06d2aa816670, particularly what the disk_format property is?

Also, if possible, can you do a 'qemu-img info --output=json <filename>' on the image file that you uploaded to glance?

Brian Rosmaita (brian-rosmaita) on 2023-02-22

Changed in cinder:
status:	New → Incomplete

Revision history for this message

Ayumu Ueha (ueha) wrote on 2023-02-22:

Download full text (4.3 KiB)

Thanks for your reply!

Thanks for your reply!

* qemu-img info
```
$ qemu-img info --output=json /opt/stack/tacker/tacker/tests/etc/samples/etsi/nfv/common/Files/images/cirros-0.5.2-x86_64-disk.img 
{
    "virtual-size": 117440512,
    "filename": "/opt/stack/tacker/tacker/tests/etc/samples/etsi/nfv/common/Files/images/cirros-0.5.2-x86_64-disk.img",
    "cluster-size": 65536,
    "format": "qcow2",
    "actual-size": 15912960,
    "format-specific": {
        "type": "qcow2",
        "data": {
            "compat": "1.1",
            "lazy-refcounts": false,
            "refcount-bits": 16,
            "corrupt": false
        }
    },
    "dirty-flag": false
}
```

I would appreciate it if you could tell me how to fix it if I have to deal with it in the Tacker code side.
Thanks.

Revision history for this message

Brian Rosmaita (brian-rosmaita) wrote on 2023-02-22:

@Ayumu: thanks for the quick response. You can see that image-show says this:

| disk_format | raw |

but what the image format actually is, according to qemu-img:

"format": "qcow2",

The way to fix this is to look in your CI setup for where you upload the image. If you are using python-openstackclient, if you don't specify the --disk-format, openstackclient sets 'raw' as the default. So add

--disk-format qcow2

to your 'openstack image create' statement.

Revision history for this message

Ayumu Ueha (ueha) wrote on 2023-02-22:

Thanks for your information, I will try it! :)

Revision history for this message

Ayumu Ueha (ueha) wrote on 2023-02-24:

I don't know why, but the test succeeded yesterday without correcting your proposal..
But anyway, I think it is necessary to deal with it, so I will try to fix it in.

Ayumu Ueha (ueha) on 2023-02-28

affects:	cinder → tacker
Changed in tacker:
assignee:	nobody → Ayumu Ueha (ueha)
status:	Incomplete → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-03-03: Fix merged to tacker (master)

Reviewed: https://review.opendev.org/c/openstack/tacker/+/874786
Committed: https://opendev.org/openstack/tacker/commit/94d2433df7f643cdda076f8c81035bfb3f4c1036
Submitter: "Zuul (22348)"
Branch: master

commit 94d2433df7f643cdda076f8c81035bfb3f4c1036
Author: Ayumu Ueha <email address hidden>
Date: Wed Feb 22 15:40:16 2023 +0000

Fix to upload as the appropriate image format

    Cinder updates to check the format of images for security issue [1].
    The format of cirros image is qcow2 but upload as raw at devstack init
    process of Tacker.

This patch fixes to upload images to glance as the appropriate format.

[1] https://bugs.launchpad.net/cinder/+bug/1996188

Closes-Bug: #2008064
Change-Id: Ib7a36af99bc77f3bd1c95411760ff8cbd2456a3e