What is the reason why Nova has the policy that deleting the instance should never fail?
I'm talking about the instance record, not the VM itself, because I agree that the VM should always be deleted to free resources.
From my perspective deleting the instance record would result in a very weird user experience and in users manually creating the same situation we are trying to avoid.
- User requests instance deletion
- Calls to disconnect_volume fails
- Nova removes everything it can and at the end even the instance record, while it keeps trying to disconnect the device in the background.
- User wants to use the volume again but sees that it's in-use in Cinder
- Looks for the instance in Nova thinking that something may have gone wrong, but not seeing it there thinks it's a problem between cinder and nova.
- Runs the `cinder delete-attachment` command to return the volume to available state.
We end up in the same situation as we were before, with leftover devices.
What is the reason why Nova has the policy that deleting the instance should never fail?
I'm talking about the instance record, not the VM itself, because I agree that the VM should always be deleted to free resources.
From my perspective deleting the instance record would result in a very weird user experience and in users manually creating the same situation we are trying to avoid.
- User requests instance deletion
- Calls to disconnect_volume fails
- Nova removes everything it can and at the end even the instance record, while it keeps trying to disconnect the device in the background.
- User wants to use the volume again but sees that it's in-use in Cinder
- Looks for the instance in Nova thinking that something may have gone wrong, but not seeing it there thinks it's a problem between cinder and nova.
- Runs the `cinder delete-attachment` command to return the volume to available state.
We end up in the same situation as we were before, with leftover devices.