Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases

To: debian-cloud@lists.debian.org
Subject: Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
From: Bastian Blank <waldi@debian.org>
Date: Sat, 6 Jun 2020 15:13:38 +0200
Message-id: <[🔎] 20200606131338.wtezsgsaxlmsywcd@shell.thinkmo.de>
Mail-followup-to: debian-cloud@lists.debian.org
In-reply-to: <[🔎] 461c21b9e410387bdc14621af7a66c2b7e4fb38f.camel@etc.gen.nz>
References: <16022b71-c5e8-e8ef-9b9e-076d71072b70@debian.org> <20200524213925.vjacbyeeaqh5kc6p@shell.thinkmo.de> <c0c42777-5867-7b00-27dd-3b217f50378a@debian.org> <20200525173627.5ujeyb47scx3jxel@shell.thinkmo.de> <91afff81-8757-b1c5-d445-96214df0463f@debian.org> <20200526192656.uz6xhmfuetrmzcjl@shell.thinkmo.de> <c7bec4a7631f3a7509dd3eec9ccacffa766da1b3.camel@etc.gen.nz> <[🔎] 20200606100606.r4physmqr3aqvrm7@shell.thinkmo.de> <[🔎] 461c21b9e410387bdc14621af7a66c2b7e4fb38f.camel@etc.gen.nz>

On Sat, Jun 06, 2020 at 11:16:42PM +1200, Andrew Ruthven wrote:
> Those are examples, and it notes that the formats available are
> configurable and none of them are specified as "must be available". The
> CLI docs also have a similar note.
> "Disk and container formats are configurable on a per-deployment
> basis."

Both say "configurable", this makes the setting a policy decision.

What I seek is the documentation of the technical problems.  And, if
Glance can't handle qcow2 with rbd, why such broken cases are not
outright rejected, without the admin setting some magic options.

> Please don't make assumptions. How can you know that the system you're
> dealing with can make conversions?

At least Cinder converts images all the time, and sometimes does not
even know what it actually got, which leads to things like
CVE-2015-1851.

> How do you get that reading? When you read in context within the email
> it reads as "we disable qcow2 because our backend only supports raw"
> because that's what I said elsewhere in the email.

Because of the "we", which I read as the admins of the instance.  And
"backend", which I don't talk to directly, but only to the Glance API.
And the, at least to my searches, missing big and fat warning: don't do
that, ever!

The only thing I can find comes from the Ceph documentation:
| Important
| Using QCOW2 for hosting a virtual machine disk is NOT recommended. If
| you want to boot virtual machines in Ceph (ephemeral backend or boot
| from volume), please use the raw image format within Glance.

Regards,
Bastian

-- 
Vulcans believe peace should not depend on force.
		-- Amanda, "Journey to Babel", stardate 3842.3

Reply to:

Follow-Ups:
- Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
  - From: Thomas Goirand <zigo@debian.org>
- Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
  - From: Andrew Ruthven <andrew@etc.gen.nz>

References:
- Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
  - From: Bastian Blank <waldi@debian.org>
- Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
  - From: Andrew Ruthven <andrew@etc.gen.nz>

Prev by Date: Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
Next by Date: Re: Official cloud image requirements
Previous by thread: Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
Next by thread: Re: Publishing raw generic{,cloud} images without tar, and without compression, plus versionning of point releases
Index(es):
- Date
- Thread