Configure tenant-specific image locations with Object Storage

Configure tenant-specific image locations with Object Storage

For some deployers, it is not ideal to store all images in one place to enable all tenants and users to access them. You can configure the Image service to store image data in tenant-specific image locations. Then, only the following tenants can use the Image service to access the created image:

  • The tenant who owns the image
  • Tenants that are defined in swift_store_admin_tenants and that have admin-level accounts

To configure tenant-specific image locations

  1. Configure swift as your default_store in the glance-api.conf file.

  2. Set these configuration options in the glance-api.conf file:

    • swift_store_multi_tenant

      Set to True to enable tenant-specific storage locations. Default is False.

    • swift_store_admin_tenants

      Specify a list of tenant IDs that can grant read and write access to all Object Storage containers that are created by the Image service.

With this configuration, images are stored in an Object Storage service (swift) endpoint that is pulled from the service catalog for the authenticated user.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License http://creativecommons.org/licenses/by/3.0/legalcode.

See All Legal Notices