Glance v2: Image property quotas are unforgiving when quota is exceeded

Bug #1258331 reported by Alex Meade
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released
David Koo

Bug Description

Glance v2 image property quota enforcement can be unintuitive.

There are a number of reasons an image may have more properties than the image_propery_quota allows. E.g. if the quota is lowered or when it is first created. If this happens then any request to modify an image must result in the image being under the new quota. This means that even if the user is removing quotas they can still get an 413 overlimit from glance if the result would still be over the limit.

This is not a great user experience and is unintuitive. Ideally a user should be able to remove properties or any other action except for adding a property when they are over their quota for a given image.

Revision history for this message
Zhi Yan Liu (lzy-dev) wrote :

One proposal, I think can we add a function to db, just like what you did at [1], and use that to check and skip quota checking if user required to remove a property but add at [2].


David Koo (kpublicmail)
Changed in glance:
assignee: nobody → David Koo (kpublicmail)
David Koo (kpublicmail)
Changed in glance:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to glance (master)

Fix proposed to branch: master

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (master)

Submitter: Jenkins
Branch: master

commit 0d95e5316a99b78b4f629a29d862548f87671b43
Author: David Koo <email address hidden>
Date: Mon Dec 23 14:09:41 2013 +0800

    Allow some property operations when quota exceeded

    Currently in Glance v2 if, for some reason, an image has more
    properties than the image_propery_quota allows (e.g. the quota was
    lowered after the image was created with properties) then any request
    to modify or delete existing properties results in a 413 overlimit
    error. Ideally a user should be able to remove properties or any other
    action except for adding a property when they are over their quota for
    a given image.

    This commit does this by adding a new member to the quota.ImageProxy
    class to "remember" what properties were already present in an image
    *before* any new property operations are preformed on the image. After
    the new property operations are performed the quotas are checked (before
    writing the image info to DB) only if any new properties have been

    This commit does not use a subclass of ExtraPropertiesProxy to check
    property quotas (in the __setitem__ method) because Glance does not
    implement the JSON-patch RFC correctly - in Glance all operations in a
    patch are applied and the quota checked only after all operations have
    been applied (RFC requires that operations be applied sequentially and
    fail on the first failure). Therefore it is possible for the quota to be
    temporarily exceeded when a patch is being applied and therefore we
    cannot check for quotas as they are being added - we have to wait until
    all patch operations have been completed.

    Also, as per review discussions in IRC, a new file:
    has been added to perform image property quota related tests (because
    the functional test framework is slow).

    Change-Id: Icf1b46343463791ed3d2f3ce376f11e409e792ff
    Closes-bug: #1258331
    Author: David Koo <email address hidden>

Changed in glance:
status: In Progress → Fix Committed
Changed in glance:
milestone: none → juno-2
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in glance:
milestone: juno-2 → 2014.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.