Ceilometer

insecure config option not propagated by alarm service

Bug #1292130 reported by Eoghan Glynn on 2014-03-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ceilometer	Fix Released	High	Eoghan Glynn	Ceilometer 2014.1 "icehouse"
	Havana	Fix Released	High	Eoghan Glynn	Ceilometer 2013.2.3

Bug Description

The service_credentials.insecure config option is not propagated by alarm service, causing insecure (i.e. non-cert-verifying) access over SSL to keystone from the alarm evaluator to fail with:

2014-03-13 17:41:25.495 22505 TRACE ceilometer.alarm.service AuthorizationFailure: Authorization Failed: SSL exception connecting to https://172.16.12.49:35357/v2.0/tokens

Tags:

Eoghan Glynn (eglynn) on 2014-03-13

Changed in ceilometer:
assignee:	nobody → Eoghan Glynn (eglynn)
importance:	Undecided → High
status:	New → In Progress
milestone:	none → icehouse-rc1

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-13: Fix proposed to ceilometer (master)

Fix proposed to branch: master
Review: https://review.openstack.org/80353

Eoghan Glynn (eglynn) on 2014-03-14

tags:

added: havana-backport-potential

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-14: Fix merged to ceilometer (master)

Reviewed: https://review.openstack.org/80353
Committed: https://git.openstack.org/cgit/openstack/ceilometer/commit/?id=b2be83ed1f53b22ae719c1439106ecb88625229a
Submitter: Jenkins
Branch: master

commit b2be83ed1f53b22ae719c1439106ecb88625229a
Author: Eoghan Glynn <email address hidden>
Date: Thu Mar 13 17:53:34 2014 +0000

Ensure insecure config option propagated by alarm service

Fixes bug 1292130

Ensure insecure (i.e. non-cert-verifying) access over SSL to
keystone works from the alarm evaluator

Change-Id: Ice009ad97ea540afede697e9d812f1bde877dd84

Changed in ceilometer:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-14: Fix proposed to ceilometer (stable/havana)

Fix proposed to branch: stable/havana
Review: https://review.openstack.org/80613

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-14: Fix proposed to ceilometer (master)

Fix proposed to branch: master
Review: https://review.openstack.org/80642

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-15: Fix merged to ceilometer (stable/havana)

Reviewed: https://review.openstack.org/80613
Committed: https://git.openstack.org/cgit/openstack/ceilometer/commit/?id=44618282fe71c7bdfcf3c88d9f637b3a83fdb2b0
Submitter: Jenkins
Branch: stable/havana

commit 44618282fe71c7bdfcf3c88d9f637b3a83fdb2b0
Author: Eoghan Glynn <email address hidden>
Date: Thu Mar 13 17:53:34 2014 +0000

Ensure insecure config option propagated by alarm service

Fixes bug 1292130

Ensure insecure (i.e. non-cert-verifying) access over SSL to
keystone works from the alarm evaluator

(cherry picked from commit eb14d7e80502f8b57f7c79f9120cf3f30f7e872b)
Change-Id: Ice009ad97ea540afede697e9d812f1bde877dd84

tags:

added: in-stable-havana

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-03-19: Fix merged to ceilometer (master)

Reviewed: https://review.openstack.org/80642
Committed: https://git.openstack.org/cgit/openstack/ceilometer/commit/?id=70621f43193fd32a8bb699b23d2b6f72d57be381
Submitter: Jenkins
Branch: master

commit 70621f43193fd32a8bb699b23d2b6f72d57be381
Author: Eoghan Glynn <email address hidden>
Date: Fri Mar 14 17:37:29 2014 +0000

Ensure insecure config option propagated by alarm evaluator

Fixes bug 1292130

    Ensure insecure (i.e. non-cert-verifying) access over SSL to
    keystone works from the alarm threshold evaluator for
    statistics queries and alarm state transitions.

Change-Id: Idb94fa96a6a8b32bd071af1f73fd3172ae6948ad

Thierry Carrez (ttx) on 2014-03-31

Changed in ceilometer:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-04-17

Changed in ceilometer:
milestone:	icehouse-rc1 → 2014.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.