OpenStack DBaaS (Trove)

enabling exist notifications cause auth errors

Bug #1473550 reported by Craig Vyvial
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack DBaaS (Trove)
Fix Released
Medium
Doug Shelley
OpenStack DBaaS (Trove) 4.0.0 "liberty"

Bug Description

I found that enabling the exist notifications caused issues in taskmanager creating an admin_nova_client. There were auth issues mainly because of the urls had the tenant_id set to the tenant_name. By setting the management_url on the client like below, I was able to get the list of servers from the nova client api but then the flavor look up failed. I set the bypass_url on the client and then i was able to get the flavor info and get an exist event logged successfully.

- trove-taskmanager.conf file changes

nova_proxy_admin_user = admin
nova_proxy_admin_pass = <redacted>
nova_proxy_admin_tenant_id = admin

notification_driver = log
exists_notification_ticks = 1
report_interval = 2
exists_notification_transformer = trove.extensions.mgmt.instances.models.NovaNotificationTransformer
notification_service_id = mysql:2f3ff068-2bfb-4f70-9a9d-a6bb65bc084b
nova_compute_url = http://localhost:8774/v2

- trove/common/remote.py code that worked.

def create_admin_nova_client(context):
    """
    Creates client that uses trove admin credentials
    :return: a client for nova for the trove admin
    """
    client = create_nova_client(context)
# client.client.auth_token = auth_token
    tenant_id = "1a1b67e3b11b4dcead09b473f656b686" # this is terrible
    client.client.bypass_url = "%s/%s" % (CONF.nova_compute_url, tenant_id)
    client.client.management_url = "%s/%s" % (CONF.nova_compute_url, tenant_id)

    return client

See original description
Craig Vyvial (cp16net)
description: updated
Revision history for this message
Rohit Jaiswal (rohit-jaiswal-3) wrote :

This impacts the ability for ceilometer to integrate with and consume the trove.instance.exists event.

Craig Vyvial (cp16net)
Changed in trove:
status: New → Triaged
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to trove (master)

Fix proposed to branch: master
Review: https://review.openstack.org/228696

Changed in trove:
assignee: nobody → Doug Shelley (0-doug)
status: Triaged → In Progress
Craig Vyvial (cp16net)
tags: added: liberty-rc-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to trove (master)

Reviewed: https://review.openstack.org/228696
Committed: https://git.openstack.org/cgit/openstack/trove/commit/?id=e1538ae75e37b14905893d91c45dd044d32a7eb0
Submitter: Jenkins
Branch: master

commit e1538ae75e37b14905893d91c45dd044d32a7eb0
Author: Doug Shelley <email address hidden>
Date: Tue Sep 29 02:41:30 2015 +0000

    Fix publish_exists_event authentication exception

    The nova client created by create_nova_admin_client was throwing
    an Authentication exception. In order to properly create this client,
    novaclient needs tenant_id set to a tenant-id. Note: novaclient
    documents that project-id is specifically a tenant-name and from
    what I can tell it isn't required for Trove use-cases.

    Added a unit test to check that create_nova_admin_client causes
    a nova client to get instantiated with the correct params.

    Change-Id: I34d7d9dd36117bff796db22b851656ba78988558
    Closes-bug: 1473550

Changed in trove:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to trove (stable/liberty)

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/230338

Nikhil Manchanda (slicknik)
Changed in trove:
milestone: none → liberty-rc2
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to trove (stable/liberty)

Reviewed: https://review.openstack.org/230338
Committed: https://git.openstack.org/cgit/openstack/trove/commit/?id=37aea11d771eb7cb7706ea9f5f641cbe42a72fc8
Submitter: Jenkins
Branch: stable/liberty

commit 37aea11d771eb7cb7706ea9f5f641cbe42a72fc8
Author: Doug Shelley <email address hidden>
Date: Tue Sep 29 02:41:30 2015 +0000

    Fix publish_exists_event authentication exception

    The nova client created by create_nova_admin_client was throwing
    an Authentication exception. In order to properly create this client,
    novaclient needs tenant_id set to a tenant-id. Note: novaclient
    documents that project-id is specifically a tenant-name and from
    what I can tell it isn't required for Trove use-cases.

    Added a unit test to check that create_nova_admin_client causes
    a nova client to get instantiated with the correct params.

    (cherry picked from commit e1538ae75e37b14905893d91c45dd044d32a7eb0)
    Change-Id: I34d7d9dd36117bff796db22b851656ba78988558
    Closes-bug: 1473550

tags: added: in-stable-liberty
Thierry Carrez (ttx)
Changed in trove:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in trove:
milestone: liberty-rc2 → 4.0.0
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to trove (master)

Fix proposed to branch: master
Review: https://review.openstack.org/235145

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to trove (master)

Reviewed: https://review.openstack.org/235145
Committed: https://git.openstack.org/cgit/openstack/trove/commit/?id=7dcc70937436a84081aa47913f3d67ee257a487f
Submitter: Jenkins
Branch: master

commit 5bc4d898634006acaef66dc07bffe7bdc6730dcf
Author: Peter Stachowski <email address hidden>
Date: Mon Sep 21 18:00:56 2015 -0400

    Fix promote for Redis datastore

    The 'set' command in the Python client interpretes None as the
    string 'None.' If no password is set on the master, a detach/attach
    (such as is done with promote) will have the slaves try and use 'none'
    as a password. This will cause them to not be able to connect to the
    master and leave them in a detached state.

    The 'masterpass' is now set to an empty string if no password is set.
    The restart of Redis was also moved before attaching the slave,
    so that the mapped CONFIG command is recognized properly. This is
    required so that setting the master password completes successfully.

    (cherry picked from commit 6c4db5d327df7e10f7a0bf38deaee0db4fe2ee5a)
    Closes-Bug: #1498208
    Change-Id: Ibc842b95fd191908d4fac420030f84393c696013
    Depends-On: Ida0aa155b1e1ec7b8e9fa73006d3db9a88ffea02

commit 37aea11d771eb7cb7706ea9f5f641cbe42a72fc8
Author: Doug Shelley <email address hidden>
Date: Tue Sep 29 02:41:30 2015 +0000

    Fix publish_exists_event authentication exception

    The nova client created by create_nova_admin_client was throwing
    an Authentication exception. In order to properly create this client,
    novaclient needs tenant_id set to a tenant-id. Note: novaclient
    documents that project-id is specifically a tenant-name and from
    what I can tell it isn't required for Trove use-cases.

    Added a unit test to check that create_nova_admin_client causes
    a nova client to get instantiated with the correct params.

    (cherry picked from commit e1538ae75e37b14905893d91c45dd044d32a7eb0)
    Change-Id: I34d7d9dd36117bff796db22b851656ba78988558
    Closes-bug: 1473550

commit 98ff71917e209e19223105921c2a50c3d89cd2ad
Author: Andreas Jaeger <email address hidden>
Date: Thu Sep 24 21:25:48 2015 +0200

    Cleanup of Translations

    In preparation for the release, do some cleanups for translations.

    Removes all po files that are partially translated. The translation
    team has decided to exclude files with less than 66 % of translated
    content. There is no content lost, all data is in the translation
    server, we just remove it from the repository (not applicable to trove).

    This updates also recreates pot (translation source files) to
    reflect the state of the repository in case there was no recent
    import for them.

    This change needs to be done manually since the automatic import does
    not handle some of these cases.

    Change-Id: Iefe0a9ce6f980fdc1f107e9bb25a171fd505b135

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.