Cinder

pagination and href bookmarks are wrong when using https

Bug #1655504 reported by Sam Morrison
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Cinder
New
Undecided
Unassigned
OpenStack Compute (nova)
Incomplete
Undecided
Unassigned

Bug Description

We have an SSL LB in front of our cinder-api service.

I have set
public_endpoint = https://cinder.rc.nectar.org.au:8776/
in cinder.conf

When doing a cinder --debug show I can see

curl -g -i -X GET https://cinder.rc.nectar.org.au:8776/v2/1/volumes/1f9366e9-8080-4a41-9c94-e4c3a73abbc5

In the response I see:

{"href": "http://cinder.rc.nectar.org.au:8776/1/volumes/1f9366e9-8080-4a41-9c94-e4c3a73abbc5", "rel": "bookmark"}

Note it is http not https.

This also breaks pagination:

cinder list --all-tenants
ERROR: Unable to establish connection to http://cinder.rc.nectar.org.au:8776/v2/1/volumes/detail?all_tenants=1&marker=1f9366e9-8080-4a41-9c94-e4c3a73abbc4

Sever version is stable/mitaka
Client version is 1.6.0

Sam Morrison (sorrison)
summary: - href bookmarks are wrong when using https
+ pagination and href bookmarks are wrong when using https
Revision history for this message
Sam Morrison (sorrison) wrote :

Also noted this affects nova too, pagination works but href links to things like flavours are returned as http links not https

Revision history for this message
Sam Morrison (sorrison) wrote :

OK sorry I found the config option for this in cinder:

osapi_volume_base_URL

I had set

public_endpoint

which seems like it should've done what I wanted. It looks like these 2 config options would always be set to the same value and could possibly be merged

jichenjc (jichenjc)
Changed in nova:
assignee: nobody → jichenjc (jichenjc)
Revision history for this message
jichenjc (jichenjc) wrote :

I believe it's against nova something like following? this is newton version........

my endpoint are https and the href did return in https format, should I test with other method?
the

stack@devstack:~$ nova --debug list
...

RESP BODY: {"servers": [{"OS-EXT-STS:task_state": null, "addresses": {"private": [{"OS-EXT-IPS-MAC:mac_addr": "fa:16:3e:2a:bf:35", "version": 4, "addr": "10.0.0.4", "OS-EXT-IPS:type": "fixed"}, {"OS-EXT-IPS-MAC:mac_addr": "fa:16:3e:2a:bf:35", "version": 6, "addr":
"fda4:693b:8e78:0:f816:3eff:fe2a:bf35", "OS-EXT-IPS:type": "fixed"}]}, "links": [{"href": "http://192.168.123.10:8774/v2.1/servers/df09dcd4-249d-4fb5-bc9d-9312fb9131f9", "rel": "self"}, {"href": "http://192.168.123.10:8774/servers/df09dcd4-249d-4fb5-bc9d-9312fb9131f9", "rel": "bookmark"}], "image": {"id": "5317edda-f979-416a-8462-56ef8bf3076e", "links": [{"href": "http://192.168.123.10:8774/images/5317edda-f979-416a-8462-56ef8bf3076e", "rel": "bookmark"}]}, "OS-EXT-STS:vm_state": "active", "OS-SRV-USG:launched_at": "2017-03-27T10:48:05.000000", "flavor": {"id": "1", "links": [{"href": "http://192.168.123.10:8774/flavors/1", "rel": "bookmark"}]}, "id": "df09dcd4-249d-4fb5-bc9d-9312fb9131f9", "security_groups": [{"name": "default"}], "OS-SRV-USG:terminated_at": null, "user_id": "09deb07277754d57a4df953b1694c5b7", "OS-DCF:diskConfig": "MANUAL", "accessIPv4": "", "accessIPv6": "", "progress": 0, "OS-EXT-STS:power_state": 1, "OS-EXT-AZ:availability_zone": "nova", "metadata": {}, "status": "ACTIVE", "updated": "2017-03-27T10:48:06Z", "hostId": "c56a0fbc8b839cf48eaccd0875e803fa855c2ef2e139a3b779f6b972", "description": null, "tags": [], "key_name": null, "locked": false, "name": "ji1", "created": "2017-03-27T10:28:54Z", "tenant_id": "91b450b1657a4f10a20590ca8fb6b6d0", "os-extended-volumes:volumes_attached": [], "config_drive": ""}]}

Changed in nova:
status: New → Incomplete
Sean Dague (sdague)
Changed in nova:
assignee: jichenjc (jichenjc) → nobody
Revision history for this message
Sean Dague (sdague) wrote :

Automatically discovered version mitaka in description. If this is incorrect, please update the description to include 'nova version: ...'

tags: added: openstack-version.mitaka
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.