Manage VO-wide Image Lists
Prerequisites
- Have a valid AppDB account
- Be defined as VO Manager, Deputy or Expert in the EGI Operations Portal
Steps to follow:
-
Login into the AppDB portal, preferably with your X509 certificate
-
Locate your Virtual Organization
- Click on the Image List tab
- Add/remove/update, Virtual Appliances to your VO-wide Image List
- Publish changes
About the editor
For each VO the AppDB backend creates a temporary (draft) VO wide image list. This draft image list is not published to the infrastructure and is used only for editing purposes. If the VO manager has already published a VO wide image list, then the draft will be a copy of the published one. In any other case it will be an empty list.
The draft image list can be edited by adding, removing or updating virtual appliances from the editor list. These actions only apply to the draft image list and ** NOT** the published one. Once the draft image list is edited as desired, it can be published to the infrastructure by clicking the “publish changes” in the left upper corner of the editor.
By doing this the AppDB backend publishes a new VO wide image list with the new changes to the infrastructure and then uses a copy of it as the new draft image list for the next edit. The user can also revert all the changes of the draft image list and revert it to its original state by clicking the “revert changes” button. This means that the draft image list will either be an empty list (no virtual appliance references to it) or a copy of the latest published image list.
Note 1: The VO wide image list can only be published if there are changes to it.
Note 2: The published VO wide image list cannot be reverted to previous published VO wide image lists.
Note 3: The virtual appliances with their latest version expired and therefore their previous versions are not allowed to be added in a VO wide image list. For this reason the VO wide image list editor does not display them. However, if such a virtual appliance is included in the previously published VO wide image list, the editor will display it, allowing the the user to only remove it from the list.
List columns description
The VO wide image list editor is comprised of these columns:
-
Published : This indicates if a version of the virtual appliance is already used (included) in the published VO wide image list.
If it is included the icon will be green as displayed below:
.
In case the used version has expired, it also displays another icon in the bottom to indicate the fact:
-
Available/Used VAppliances : Provides information for the available virtual appliance, its version and expiration date.
If the published VO wide image list already includes this virtual appliance it displays information regarding the used version and its expiration date.
-
VAppliance version updates : This is used when the published VO wide image list includes an older version of the virtual appliance. It displays information regarding the latest version of the virtual appliance.
-
Messages : Displays various messages regarding the state of the virtual appliance version in relation to the VO wide image list. Eg a message indicating that the virtual appliance version will be included in the VO wide image list upon publishing.
-
Actions: Displays the available operations the (user) VO manager can apply to the VO wide image list for each virtual appliance. The only supported actions are addition, removal and update of virtual appliance versions from the list.
Image List Actions
Adding a new version
The addition of a new virtual appliance version is possible when the published VO wide image list does not include any version of the virtual appliance. In such a case, the user (VO Manager) can click the “add” button and mark the latest virtual appliance version to be included in the published VO wide image list.
If the addition is successful, a message will be displayed to indicate that this virtual appliance version will be included in the new VO wide image list upon publish. Also the “remove” button will be available to revert this selection.
Removing a version
The removal of a virtual appliance is possible when the published VO wide image list includes a version of the virtual appliance. In sush case, the user (VO manager) can click the “remove” button and mark the virtual appliance to be removed in the published VO wide image list.
If the removal is successful, a message will be displayed to indicate that this virtual appliance version will NOT be included in the new VO wide image list upon publish. Also, if the virtual appliance version is not expired, the “add” button will be available to revert the removal and re-include the virtual appliance version.
In case of the removal of a virtual appliance with an expired latest version, the editor will not display the Add button, because the expired virtual appliances are not allowed in the VO wide image lists.
Note: If you remove a virtual appliance with an expired latest version and publish the VO wide image list, then the editor will not display this virtual appliance again until its author publishes a new (not expired) version.
Updating to a newer version
The virtual appliance version update is possible when the published VO wide image list includes an older version of the virtual appliance and not the latest one. In other words, this just means that the author of the virtual appliance published a new version. In such case, the user (VO Manager) can click the “update” button and mark the latest version on the virtual appliance to be included in the published VO wide image list and not the current one.
If the update is successful, a message will be displayed to indicate that the VO wide image list will include the latest virtual appliance version and NOT the currently included one. Also the remove button will still be available to remove the virtual appliance from the VO wide image list.
Security Checks
The AppDB system is integrated with the Security Cloud Assessment Tool (secant) service developed by CESNET. This service performs various security checks on the VM image of each virtual appliance version and provides a security report.
If such a security report exists, it is displayed in the VO wide image list editor, under the related virtual appliance version. In the case an available version update of a used virtual appliance exists, and the secand service have checked both the old and the new version, then both security reports will be displayed under each version of the virtual appliance.
There are three possible states for a security check.
- Pending: The security check is being performed but is not completed yet.
- Success: The security check has completed and no security vulnerabilities are detected in the VM image of the virtual appliance version.
- Failed: The security check has completed and security vulnerabilities are detected in the VM image of the virtual appliance version.
The user can click on the security check button to view details, such as which checks have failed or succeeded, when was it performed etc
Note: The security checks do NOT affect the editing or publishing of the VO wide image list. They only have an informative role to help the users (VO managers) decide if they should include, exclude or update a virtual appliance version to the VO wide image list.