quotas calls fail when CONF.keymgr.encryption_auth_url is not configured

Bug #1516085 reported by Michal Dulko on 2015-11-13
76
This bug affects 12 people
Affects Status Importance Assigned to Milestone
Cinder
Medium
Michal Dulko
Liberty
Undecided
Szymon Borkowski
Mitaka
Medium
Michal Dulko
cinder (Juju Charms Collection)
High
James Page
cinder (Ubuntu)
Medium
Corey Bryant
Wily
High
James Page
Xenial
Medium
Corey Bryant

Bug Description

Quotas calls fail when aforementioned option is not configured and our Keystone host is somewhere else than c-api's host. This is due to the fact that the option defaults to localhost's Keystone v3.

To fix we would need to modify:

https://github.com/openstack/cinder/blob/master/cinder/api/contrib/quotas.py#L183

We're using the config option instead of working with service catalog (available in RequestContext) to find proper Keystone endpoint.

Changed in cinder:
milestone: none → mitaka-1
Tobias Urdin (tobias-urdin) wrote :

Confirmed when I upgraded from Kilo to Liberty in our staging environment.

James Page (james-page) on 2015-11-23
Changed in cinder (Juju Charms Collection):
status: New → Confirmed
importance: Undecided → High
tags: added: backport-potential openstack
James Page (james-page) on 2015-11-23
Changed in cinder (Juju Charms Collection):
status: Confirmed → Triaged
Changed in cinder (Ubuntu Wily):
status: New → Triaged
importance: Undecided → High
Changed in cinder (Ubuntu Xenial):
importance: Undecided → Medium
status: New → Triaged

@Michal

Seems these three bugs are same bug reports of this bug report.
Could you confirm them and mark as duplicate for them?

https://bugs.launchpad.net/cinder/+bug/1517043
https://bugs.launchpad.net/cinder/+bug/1518513
https://bugs.launchpad.net/cinder/+bug/1509308

Fix proposed to branch: master
Review: https://review.openstack.org/251937

Changed in cinder:
assignee: Michal Dulko (michal-dulko-f) → Szymon Borkowski (szymon-borkowski)

Change abandoned by Michal Dulko (<email address hidden>) on branch: master
Review: https://review.openstack.org/245572
Reason: Abandoning in favor of https://review.openstack.org/#/c/251937/

Changed in cinder:
assignee: Szymon Borkowski (szymon-borkowski) → Michal Dulko (michal-dulko-f)
tags: added: liberty-backport-potential

Reviewed: https://review.openstack.org/251937
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=109353dedbe53201eb6999984c5658d9193115df
Submitter: Jenkins
Branch: master

commit 109353dedbe53201eb6999984c5658d9193115df
Author: Szymon Borkowski <email address hidden>
Date: Tue Dec 1 14:12:03 2015 +0100

    Use proper config option to connect to keystone

    Earlier, quotas used to authenticate to endpoint from not required
    option located in keymgr.encryption_auth_url. Now, the required
    auth_uri option from config file is used to authenticate to
    keystone.

    Co-Authored-By: Michal Dulko <email address hidden>
    Change-Id: I1076527704f8def2c6755c060df49232e5ebe805
    Closes-Bug: 1516085

Changed in cinder:
status: In Progress → Fix Committed
James Page (james-page) on 2015-12-07
Changed in cinder (Juju Charms Collection):
status: Triaged → Invalid

Reviewed: https://review.openstack.org/254700
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=fa7d0916d849e9c6f93e08f8323eb2a886bcffc0
Submitter: Jenkins
Branch: stable/liberty

commit fa7d0916d849e9c6f93e08f8323eb2a886bcffc0
Author: Szymon Borkowski <email address hidden>
Date: Tue Dec 1 14:12:03 2015 +0100

    Use proper config option to connect to keystone

    Earlier, quotas used to authenticate to endpoint from not required
    option located in keymgr.encryption_auth_url. Now, the required
    auth_uri option from config file is used to authenticate to
    keystone.

    Co-Authored-By: Michal Dulko <email address hidden>
    Change-Id: I1076527704f8def2c6755c060df49232e5ebe805
    Closes-Bug: 1516085
    (cherry picked from commit 109353dedbe53201eb6999984c5658d9193115df)

James Page (james-page) on 2015-12-15
Changed in cinder (Juju Charms Collection):
status: Invalid → Triaged
James Page (james-page) on 2015-12-15
Changed in cinder (Juju Charms Collection):
status: Triaged → In Progress
assignee: nobody → James Page (james-page)
milestone: none → 16.01
James Page (james-page) wrote :

Ubuntu SRU information

[Impact]
Quota operations fail unless the auth URL for key management is set in the cinder.conf file.

[Test Case]
Deploy OpenStack Liberty
cinder quota-show <tenant-id>
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-57d9c37b-56a1-47de-beb3-4a8b3de1d7e4)

[Regression Potential]
Minimal; fix is upstream in development and stable branches

Changed in cinder (Ubuntu Wily):
assignee: nobody → James Page (james-page)
Changed in cinder (Ubuntu Xenial):
assignee: nobody → Corey Bryant (corey.bryant)
Changed in cinder (Ubuntu Wily):
status: Triaged → In Progress
James Page (james-page) wrote :

Update for wily/liberty uploaded for SRU team review.

tags: added: kanban-cross-team
tags: removed: kanban-cross-team
James Page (james-page) on 2015-12-15
Changed in cinder (Juju Charms Collection):
status: In Progress → Fix Committed
James Page (james-page) on 2015-12-16
Changed in cinder (Juju Charms Collection):
status: Fix Committed → Fix Released

Hello Michal, or anyone else affected,

Accepted cinder into wily-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cinder/2:7.0.0-0ubuntu1.15.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cinder (Ubuntu Wily):
status: In Progress → Fix Committed
tags: added: verification-needed

This issue was fixed in the cinder 7.0.1 release (liberty).

James Page (james-page) on 2016-01-04
tags: added: verification-done
removed: verification-needed
Changed in cinder (Ubuntu Xenial):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cinder - 2:7.0.0-0ubuntu1.15.10.1

---------------
cinder (2:7.0.0-0ubuntu1.15.10.1) wily; urgency=medium

  * Ensure configured keystone endpoints are using in the Cinder quota
    module (LP: #1516085):
    - d/p/lp1516085.patch: Cherry pick fix from stable/liberty branch in
      advance of the next point release.

 -- James Page <email address hidden> Tue, 15 Dec 2015 12:07:17 +0000

Changed in cinder (Ubuntu Wily):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for cinder has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

James Page (james-page) wrote :

Promoted to liberty-updates in the UCA.

This issue was fixed in the openstack/cinder 8.0.0.0b2 development milestone.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers