Restrict users from uploading volume to image based on glance protected properties
The concept of images with protected properties was introduced in Glance in the Havana release. One of the main use cases for introducing this concept was billing.
That is, the owner of an image creates one or more custom protected properties for a licensed image and shares it publicly with users. When users use this licensed image to create new instances, the owner knows who is using the licensed image and for how many hours, and the users are charged accordingly. The metadata properties are also copied when a volume is created from the licensed image, so that when this volume is used to boot VMs, the owner of the licensed image knows who is using it for billing purposes.
At present, however, a user can create an image from a volume (a volume created from a licensed image), because only the core properties are copied and the custom protected properties are left behind. This allows the user to use the licensed image free of cost. The user can also share this image with other tenants. This would be a big blow to the owner of the licensed image. To avoid this, the custom properties must be copied when an image is created from a volume. If the Glance deployer has allowed only the administrator/owner to create custom protected properties, then a normal user will not be able to create an image from the volume and use the licensed image maliciously.
For example /etc/glance/
[^x_billing_
create = admin,owner
read = admin,Member,
update = admin,owner
delete = admin,owner
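The effect of copying the custom properties, as an added example (a simplified Python model, not Cinder or Glance code): with the properties copied, the image create carries the protected property and is refused for a role that lacks `create` on it. The `x_license_` pattern, the role names, the `CORE` set and all function names are assumptions made for this sketch.

```python
import configparser
import re

# Constructed rules in the layout the page shows (regex section, one role
# list per operation). Section names and roles here are assumptions.
RULES = """
[^x_license_.*]
create = admin,owner
read = admin,owner,member
update = admin,owner
delete = admin,owner

[.*]
create = admin,owner,member
read = admin,owner,member
update = admin,owner,member
delete = admin,owner,member
"""

# Assumed set of core properties that are always copied to the image.
CORE = {"disk_format", "container_format", "min_disk", "min_ram"}

def load_rules(text):
    """Parse the rules into an ordered list of (regex, {operation: roles})."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return [(re.compile(name),
             {op: {r.strip().lower() for r in val.split(",") if r.strip()}
              for op, val in cp[name].items()})
            for name in cp.sections()]

def may_create(rules, prop, roles):
    """First matching section decides; a property matching none is denied."""
    have = {r.lower() for r in roles}
    for pattern, ops in rules:
        if pattern.search(prop):
            return bool(ops.get("create", set()) & have)
    return False

def upload_to_image(rules, volume_meta, roles, copy_custom):
    """Model the upload: returns (allowed, image_properties, denied_names)."""
    props = {k: v for k, v in volume_meta.items() if copy_custom or k in CORE}
    denied = sorted(k for k in props
                    if k not in CORE and not may_create(rules, k, roles))
    return (not denied, {} if denied else props, denied)

# Constructed metadata of a volume created from a licensed image.
VOLUME_META = {"disk_format": "qcow2", "container_format": "bare",
               "x_license_sku": "constructed-sku"}
```

Calling `upload_to_image(load_rules(RULES), VOLUME_META, ["member"], copy_custom=False)` reproduces the gap: the upload succeeds and the resulting image has lost the protected property.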
Blueprint information
- Status: Complete
- Approver: John Griffith
- Priority: Medium
- Drafter: Tushar Patil
- Direction: Approved
- Assignee: Pranali Deore
- Definition: Approved
- Series goal: Accepted for juno
- Implementation: Implemented
- Milestone target: 2014.2
- Started by: John Griffith
- Completed by: John Griffith
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Copy custom properties to image from volume