With TLS everywhere, access to the database is denied unless TLS is enabled. This seems to be the issue with the aforementioned script. When we enable TLs everywhere, that script fails with the following error:
...
" File \"/usr/lib64/python2.7/site-packages/sqlalchemy/engine/strategies.py\", line 106, in connect",
" return dialect.connect(*cargs, **cparams)",
" File \"/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py\", line 410, in connect",
" return self.dbapi.connect(*cargs, **cparams)",
" File \"/usr/lib/python2.7/site-packages/pymysql/__init__.py\", line 94, in Connect",
" return Connection(*args, **kwargs)",
" File \"/usr/lib/python2.7/site-packages/pymysql/connections.py\", line 327, in __init__",
" self.connect()",
" File \"/usr/lib/python2.7/site-packages/pymysql/connections.py\", line 598, in connect",
" self._request_authentication()",
" File \"/usr/lib/python2.7/site-packages/pymysql/connections.py\", line 862, in _request_authentication",
" auth_packet = self._process_auth(plugin_name, auth_packet)",
" File \"/usr/lib/python2.7/site-packages/pymysql/connections.py\", line 933, in _process_auth",
" pkt = self._read_packet()",
" File \"/usr/lib/python2.7/site-packages/pymysql/connections.py\", line 683, in _read_packet",
" packet.check_error()",
" File \"/usr/lib/python2.7/site-packages/pymysql/protocol.py\", line 220, in check_error",
" err.raise_mysql_exception(self._data)",
" File \"/usr/lib/python2.7/site-packages/pymysql/err.py\", line 109, in raise_mysql_exception",
" raise errorclass(errno, errval)",
"OperationalError: (pymysql.err.OperationalError) (1045, u\"Access denied for user 'nova_api'@'172.16.2.152' (using password: YES)\") (Background on this error at: http://sqlalche.me/e/e3q8)",
"(cellv2) Service registered, running discovery",
"stderr: + command -v python3",
"+ command -v python2",
"+ python2 /docker-config-scripts/nova_cell_v2_discover_host.py"
Fix proposed to branch: master
Review: https:/