Novaclient does not support v3 Keystone API
Bug #1522402 reported by
Bogdan
This bug affects 10 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-novaclient |
Fix Released
|
High
|
Andriy Kurilin |
Bug Description
I am trying to setup Keystone Federation to a 3rd party Identity Provider via SAML2 and SSO for Horizon (all this on Kilo) and I believe I did these but as a consequence I now need to configure all OpenStack services to use v3 Keystone API as well as SSL.
It seems that the novaclient does not support the v3 of Keystone API thus many operations in Nova and Neutron fail.
How can I enable v3 in my Kilo stack? Is it possible?
Thanks in advance!
Changed in python-novaclient: | |
assignee: | nobody → Mohammed Ashraf (mohammed-asharaf) |
status: | Confirmed → In Progress |
Changed in python-novaclient: | |
assignee: | Mohammed Ashraf (mohammed-asharaf) → nobody |
Changed in python-novaclient: | |
assignee: | nobody → Andrey Kurilin (andreykurilin) |
Changed in python-novaclient: | |
assignee: | Andrey Kurilin (andreykurilin) → John Garbutt (johngarbutt) |
Changed in python-novaclient: | |
assignee: | John Garbutt (johngarbutt) → nobody |
To post a comment you must log in.
It's true, novaclient doesn't yet support v3 keystone auth, that is, it doesn't support the request/response format for the keystone v3 tokens call. The openstackclient, however, does have support [1]. The openstackclient uses novaclient underneath for calling nova apis, so as long as a call is made through novaclient with an already obtained token, it works (openstackclient code obtains the token and passes it through novaclient code). Similarly, nova should work (albeit unaware of any hierarchical tenancy concepts) as long as the api is called with the v3 token. That means usual calls work but you can't assign hierarchical project quota, for example.
Hope this helps.
[1] http:// docs.openstack. org/developer/ python- openstackclient /authentication .html#authentic ating-using- identity- server- api-v3