InstanceLocalityFilter fails with Keystone error 401
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Undecided
|
György Szombathelyi |
Bug Description
Tryint to use InstanceLocalit
Unauthorized: The request you have made requires authentication. (HTTP 401)
The call trace in cinder:
.
.
.
File "/usr/lib/
2017-04-26 15:08:59.465 8141 ERROR cinder.
2017-04-26 15:08:59.465 8141 ERROR cinder.
2017-04-26 15:08:59.465 8141 ERROR cinder.
2017-04-26 15:08:59.465 8141 ERROR cinder.
2017-04-26 15:08:59.465 8141 ERROR cinder.
.
.
.
So the extension listing throws the error.
The problem is in cinder/
It tries to create a Keystone Password auth plugin with the user context, but this context doesn't have a password, only a token. So there should be two cases:
1. create a Password plugin when the privileged user is requested (would be nice to have a [nova] section for this, like in other components. The current settings are obscure, and does not cover all the Keystone v3 settings).
2. create a Token plugin when the user context is used.
Changed in cinder: | |
status: | New → Confirmed |
assignee: | nobody → wangxiyuan (wangxiyuan) |
Fix proposed to branch: master /review. openstack. org/460541
Review: https:/