I would use the ability to set a checksum for images which were uploaded to their backend out-of-band (rather than through the Glance API). I have an automation which conditionally migrates image data between OpenStack deployments based on checksums matching or not. Without the checksum I need to use the size field, which is not a great assurance that the images match.
Suggestion via hemanthm in IRC: when a client adds a location for an image, the API could accept a checksum field. The client would essentially say "For image X, please add location Y, which I attest has checksum Z".
The Glance server could then do one of two things:
1. Trust the client and accept the checksum
2. Download the image data from the backend and compute the checksum. If it matches what the client has specified, then store the checksum for the image; otherwise, set the image to an error state (maybe "killed" status)
1 would be easiest to implement, but Glance would be trusting the image location setter to not be evil (probably OK for my organization's use case).
2 would provide a stronger assurance of image integrity than the current arrangement, but Glance would need to do more work to get there.
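A sketch of the check in option 2, added here as an illustration; it is not part of the original report and not Glance code. The function name, its parameters, the `md5` default and the "active" success status are assumptions; "killed" is the failure status suggested above.

```python
import hashlib
import hmac
import io

CHUNK_SIZE = 64 * 1024  # read in chunks so large images never sit in memory


def verify_attested_checksum(stream, attested, algo="md5", max_bytes=None):
    """Return (status, computed_hex) for option 2 (hypothetical helper).

    stream    -- file-like object yielding the image bytes from the backend
    attested  -- hex digest the client supplied along with the location
    algo      -- hashlib algorithm name (assumption; the report names none)
    max_bytes -- optional cap so an untrusted location cannot stream forever
    """
    hasher = hashlib.new(algo)
    attested = attested.strip().lower()
    # Reject a malformed digest before spending bandwidth on the download.
    if len(attested) != hasher.digest_size * 2 or any(
        c not in "0123456789abcdef" for c in attested
    ):
        return "killed", None
    total = 0
    try:
        while chunk := stream.read(CHUNK_SIZE):
            total += len(chunk)
            if max_bytes is not None and total > max_bytes:
                return "killed", None
            hasher.update(chunk)
    except OSError:
        return "killed", None  # backend read failed, so nothing was verified
    computed = hasher.hexdigest()
    # Constant-time comparison of the computed and attested hex digests.
    if hmac.compare_digest(computed, attested):
        return "active", computed  # store `computed` as the image checksum
    return "killed", computed


if __name__ == "__main__":
    image = b"constructed sample image bytes" * 1000  # constructed test data
    good = hashlib.md5(image).hexdigest()
    print(verify_attested_checksum(io.BytesIO(image), good))
    print(verify_attested_checksum(io.BytesIO(image + b"x"), good))
```

On success the server stores the digest it computed, not the client's string, so the recorded checksum always reflects bytes the server actually read.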