No valid host was found with legacy SSL options
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Placement Charm |
New
|
Undecided
|
Unassigned |
Bug Description
The placement ssl is configured using the legacy options:
placement:
options:
ssl_ca: *ssl_ca
ssl_cert: *ssl_cert
ssl_key: *ssl_key
The instance creation is failing with "No valid host found" error:
https:/
After further investigation, starting multiple instances (all failing with the same error), the related nova-scheduler logs are showing the root cause: https:/
The nova-scheduler is trying to reach the placement api as a plain http instead of TLS, meanwhile the keystone configuration is properly showing the right endpoint urls:
$ openstack endpoint list | grep placement
| 1c5664855260447
| 9a52fbd1dd50452
| ad53e52999c9493
The workaround was the system restart nova-scheduler on each nova cloud controller units. After the service restart the scheduler properly used the https:// endpoint. This can be a race-condition between nova-scheduler service restart and placement api ssl configuration.