It's not widely known that the OpenStack Images API v2 contains an implementation of a "tasks" API that can be customized by operators to enable asynchronous processing of long-running operations. For example, a deployer might want to enable end users to upload their own custom images ... but only after such images have been approved by some thorough, computation-intensive validation process. The Glance tasks API provides a common interface across OpenStack installations, but allows the implementation of tasks to be customizable to a particular cloud environment. Join Brian Rosmaita, Compute Control Plane Product Manager at Rackspace to see how Glance tasks are being used at Rackspace and to learn how you can use Glance tasks in your OpenStack cloud.
9. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
The old bait-and-switch
9www.rackspace.com
10. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
– Unfortunately, he can’t be here today
The old bait-and-switch
10www.rackspace.com
11. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
– Unfortunately, he can’t be here today
• “Making Glance tasks work for you”
The old bait-and-switch
11www.rackspace.com
12. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
– Unfortunately, he can’t be here today
• “Making Glance tasks work for you”
– Actually, the focus won’t be on how to implement your own tasks
The old bait-and-switch
12www.rackspace.com
13. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
– Unfortunately, he can’t be here today
• “Making Glance tasks work for you”
– Actually, the focus won’t be on how to implement your own tasks
– More about what tasks are, why you should consider using them
The old bait-and-switch
13www.rackspace.com
14. • This talk was originally planned to be given along with Nikhil Komawar, the
Glance Project Technical Lead
– Unfortunately, he can’t be here today
• “Making Glance tasks work for you”
– Actually, the focus won’t be on how to implement your own tasks
– More about what tasks are, why you should consider using them
– … and some requests for feedback
The old bait-and-switch
14www.rackspace.com
16. • Ops Feedback
– Thursday May 21, 2015 11:50am - 12:30pm
– Room 218
– Please attend if you can
– If you can’t, put suggestions on this etherpad:
http://etherpad.openstack.org/p/liberty-glance-ops-feedback
Glance design session tomorrow
16www.rackspace.com
18. • I was told that to have an effective
presentation, you need to start with
a compelling story
18
This presentation
www.rackspace.com
19. • I was told that to have an effective
presentation, you need to start with
a compelling story
• I will give you one!
19
This presentation
www.rackspace.com
20. • I was also told that it’s good if your
presentation includes some
controversy
20
This presentation
www.rackspace.com
21. • I was also told that it’s good if your
presentation includes some
controversy
• I’ll give you some of that, too!
21
This presentation
www.rackspace.com
23. • Wednesday May 20, 2015 2:40pm -
3:20pm
• Room 222
• https://etherpad.openstack.org/p/liberty-
what-is-glance
23
The direction of the Glance project
www.rackspace.com
24. • Glance’s role in OpenStack: Image
service
24
The Glance mission statement
www.rackspace.com
25. • Glance’s role in OpenStack: Image
service
• On July 10, 2014, the following mission
statement was merged:
To provide a service where users can
upload and discover data assets that
are meant to be used with other
services, like images for Nova and
templates for Heat
– https://review.openstack.org/#/c/98002/
25
The Glance mission statement
www.rackspace.com
26. • Images API
– v1 changed to SUPPORTED status
– v2 now considered CURRENT
26
Recent Developments in Glance
www.rackspace.com
27. • Images API
– v1 changed to SUPPORTED status
– v2 now considered CURRENT
• Metadefs catalog
– Added in Juno
– /v2/metadefs
27
Recent Developments in Glance
www.rackspace.com
28. • Images API
– v1 changed to SUPPORTED status
– v2 now considered CURRENT
• Metadefs catalog
– Added in Juno
– /v2/metadefs
• Catalog Index Service (Experimental API)
– Added in Kilo
– /v0.1/search
28
Recent Developments in Glance
www.rackspace.com
29. • Images API
– v1 changed to SUPPORTED status
– v2 now considered CURRENT
• Metadefs catalog
– Added in Juno
– /v2/metadefs
• Catalog Index Service (Experimental API)
– Added in Kilo
– /v0.1/search
• Artifacts (Experimental API)
– Scheduled for Liberty
– /v0.1/artifacts
29
Recent Developments in Glance
www.rackspace.com
30. • Wednesday May 20, 2015 2:40pm -
3:20pm
• Room 222
• https://etherpad.openstack.org/p/liberty-
what-is-glance
30
The direction of the Glance project
www.rackspace.com
31. • Wednesday May 20, 2015 3:30pm – 4:10pm
• Room 222
• https://etherpad.openstack.org/p/catalog-index-
service-liberty
31
Catalog Index Service – Future and Scope
www.rackspace.com
39. • End users would like to bring
their own images into your cloud
39
The compelling story
www.rackspace.com
40. • End users would like to bring
their own images into your cloud
• But there are a few
complications …
40
The compelling story
www.rackspace.com
41. • Some end users don’t quite
understand what the OpenStack
Image Service is
41
The compelling story
www.rackspace.com
42. • Some end users don’t quite
understand what the OpenStack
Image Service is
– You can upload as many JPEGs as you
want, but you’ll never be able to boot a
VM from them
42
The compelling story
www.rackspace.com
43. • Some end users do understand
what the OpenStack Image Service
is … but they are not nice people
43
The compelling story
www.rackspace.com
44. • Some end users do understand
what the OpenStack Image Service
is … but they are not nice people
– Someone may upload malicious images
to share malware with other users
44
The compelling story
www.rackspace.com
45. • Some end users do understand
what the OpenStack Image Service
is … but they are not nice people
– Someone may upload malicious images
to share malware with other users
– Someone may upload a malicious image
to try and attack the hypervisor itself
45
The compelling story
www.rackspace.com
46. • Some end users have really slow
connections
46
The compelling story
www.rackspace.com
47. • Some end users have really slow
connections
– Upload will take a long time
47
The compelling story
www.rackspace.com
48. • Some end users have really slow
connections
– Upload will take a long time
– Lots of really slow, long-running uploads
can tie up the image service
48
The compelling story
www.rackspace.com
49. • Some end users have really slow
connections
– Upload will take a long time
– Lots of really slow, long-running uploads
can tie up the image service
– The Image Service is kind of important
for Nova
49
The compelling story
www.rackspace.com
50. • How to get information back to
users?
50
The compelling story
www.rackspace.com
51. • How to get information back to
users?
– The Image status field is not very
descriptive
51
The compelling story
www.rackspace.com
52. • How to get information back to
users?
– The Image status field is not very
descriptive
– The uploaded thing might not be a VM
image, anyway … do we really want to
create an “image” that’s not an image?
52
The compelling story
www.rackspace.com
53. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
53
The compelling story
www.rackspace.com
54. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
– In such a way that the uploaded data can
be verified as a VM image
54
The compelling story
www.rackspace.com
55. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
– In such a way that the uploaded data can
be verified as a VM image
– And scanned for malware or exploits
55
The compelling story
www.rackspace.com
56. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
– In such a way that the uploaded data can
be verified as a VM image
– And scanned for malware or exploits
– Using an interface that’s common across
OpenStack installations
56
The compelling story
www.rackspace.com
57. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
– In such a way that the uploaded data can
be verified as a VM image
– And scanned for malware or exploits
– Using an interface that’s common across
OpenStack installations
– Yet is customizable as to the actual
workflow
57
The compelling story
www.rackspace.com
58. • We want to find a way for end users
to:
– Upload their custom VM images into an
OpenStack cloud
– In such a way that the uploaded data can
be verified as a VM image
– And scanned for malware or exploits
– Using an interface that’s common across
OpenStack installations
– Yet is customizable as to the actual
workflow
– And which provides useful feedback to
the end user
58
The compelling story
www.rackspace.com
59. • And …
– End users may want to download images
to move them to another cloud for
various reasons
59
The compelling story
www.rackspace.com
60. • And …
– End users may want to download images
to move them to another cloud for
various reasons
– The same problems present themselves
60
The compelling story
www.rackspace.com
61. • And …
– End users may want to download images
to move them to another cloud for
various reasons
– The same problems present themselves
– A provider may want to pre-process an
image before it’s handed over to an end
user
61
The compelling story
www.rackspace.com
62. • And …
– End users may want to download images
to move them to another cloud for
various reasons
– The same problems present themselves
– A provider may want to pre-process an
image before it’s handed over to an end
user
– The end user may have a slow
connection, etc.
62
The compelling story
www.rackspace.com
63. • And …
– End users may want to download images
to move them to another cloud for
various reasons
– The same problems present themselves
– A provider may want to pre-process an
image before it’s handed over to an end
user
– The end user may have a slow
connection, etc.
– We’re dealing with another long-running,
asynchronous image-related activity
63
The compelling story
www.rackspace.com
64. • And …
– End users may want to download images
to move them to another cloud for
various reasons
– The same problems present themselves
– A provider may want to pre-process an
image before it’s handed over to an end
user
– The end user may have a slow
connection, etc.
– We’re dealing with another long-running,
asynchronous image-related activity
– Would like a way to handle this direction,
too
64
The compelling story
www.rackspace.com
65. • And …
– End users may want to move images
from one isolated cloud region to another
65
The compelling story
www.rackspace.com
66. • And …
– End users may want to move images
from one isolated cloud region to another
– End users may want to move images
from one OpenStack cloud to another
OpenStack cloud
66
The compelling story
www.rackspace.com
67. • And …
– End users may want to move images
from one isolated cloud region to another
– End users may want to move images
from one OpenStack cloud to another
OpenStack cloud
– Yet another long-running, asynchronous
image-related activity
67
The compelling story
www.rackspace.com
69. • Provide a common API across
OpenStack installations
– /v2/tasks
Glance tasks
69www.rackspace.com
70. • Provide a common API across
OpenStack installations
– /v2/tasks
• Workflow is customizable per cloud
provider
Glance tasks
70www.rackspace.com
71. • Provide a common API across
OpenStack installations
– /v2/tasks
• Workflow is customizable per cloud
provider
• Don’t create an image until there’s a
high probability of success
Glance tasks
71www.rackspace.com
72. • Provide a common API across
OpenStack installations
– /v2/tasks
• Workflow is customizable per cloud
provider
• Don’t create an image until there’s a
high probability of success
• Provide a way to deliver meaningful,
helpful error messages
Glance tasks
72www.rackspace.com
73. • Provide a common API across
OpenStack installations
– /v2/tasks
• Workflow is customizable per cloud
provider
• Don’t create an image until there’s a
high probability of success
• Provide a way to deliver meaningful,
helpful error messages
• Concept of expiration built in
Glance tasks
73www.rackspace.com
74. • Provide a common API across
OpenStack installations
– /v2/tasks
• Workflow is customizable per cloud
provider
• Don’t create an image until there’s a
high probability of success
• Provide a way to deliver meaningful,
helpful error messages
• Concept of expiration built in
• Frees the normal upload/download
path for trusted users
Glance tasks
74www.rackspace.com
79. Glance task schema (abbreviated)
79www.rackspace.com
{ "name": "task",
"properties": {
"expires_at": {
"description": "Datetime when this resource would be subject to removal”},
"input": {
"description": "The parameters required by task, JSON blob”},
"message": {
"description": "Human-readable informative message only included when appropriate (usually on failure)”},
"result": {
"description": "The result of current task, JSON blob”},
"status": {
"description": "The current status of this task",
"enum": [ "pending”, "processing”, "success”, "failure” ]},
"type": {
"description": "The type of task represented by this content",
"enum": [ "import” ]}}
}
85. • Glance only stores “real”
images
• Keep Glance highly available
for Nova
Tasks address: MANAGEABILITY
85www.rackspace.com
86. • Glance only stores “real”
images
• Keep Glance highly available
for Nova
• Security
– Screen images for vulnerabilities
Tasks address: MANAGEABILITY
86www.rackspace.com
87. • Tasks enable you to process
images asynchronously
according to current resource
availability
Tasks address: SCALABILITY
87www.rackspace.com
88. • Tasks help manage end users’
expectations
Tasks address: USABILITY
88www.rackspace.com
89. • Tasks help manage end users’
expectations
• Tasks can reduce user frustration
Tasks address: USABILITY
89www.rackspace.com
90. • Tasks help manage end users’
expectations
• Tasks can reduce user frustration
• Tasks can provide better error
feedback
Tasks address: USABILITY
90www.rackspace.com
107. Tasks are customizable …
107www.rackspace.com
"input": {
"description": "The parameters required by task, JSON blob",
"type": "object"
},
"result": {
"description": "The result of current task, JSON blob",
"type": "object"
}
108. Tasks provide a common interface …
108www.rackspace.com
"input": {
"description": "The parameters required by task, JSON blob",
"type": "object"
},
"result": {
"description": "The result of current task, JSON blob",
"type": "object"
}
110. • Tasks provide a common interface, but
the interface hides differences among
cloud providers
Questions
110www.rackspace.com
111. • Tasks provide a common interface, but
the interface hides differences among
cloud providers
• What’s the best way to make these
differences available to end users?
– Documentation?
– Programmatically?
Questions
111www.rackspace.com
112. • Tasks provide a common interface, but
the interface hides differences among
cloud providers
• What’s the best way to make these
differences available to end users?
– Documentation?
– Programmatically?
• How do users discover what upload
facility is available to them?
Questions
112www.rackspace.com
114. WE’RE HIRING!
bit.ly/RackerTalent
Expo Hall Booth P-11
Python OpenStack Engineers
C, C++ Linux Systems Engineers
Ruby DevOps Engineers
Java Frontend & Backend Developers
C#, .NET Software Developer in Test
JavaScript, CSS, HTML iOS/Android Development
Twisted, Backhone Data Scientist
Angular.JS, Ember.js, Node.js Field Sales Specialist
Restful/JSON/XML Strategic Account Executive
Closure, Scala, Erlang
Hadoop, MongoDB, MySQL
Solution Architect
Data Visualization