Glance

Glance api fails to set image to active after upload when user token expires or is revoked.

Bug #1182536 reported by Alex Meade
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Fix Released
Medium
Alex Meade
Glance 2013.2 "havana"

Bug Description

Glance Api fails to set image to active after upload when user token expires or is revoked.

1) glance image-create --name test-upload-delete --disk-format vhd --container-format ovf < ~/ubuntu
2) update token set valid = 0;
3) see error and receive 500 on post request
500 Internal Server Error
The server has either erred or is incapable of performing the requested operation.
    (HTTP 500)

Glance logs during upload and token expiration:

http://paste.openstack.org/show/37535/

There is currently code in the registry client that will allow for reauths with admin credentials on failure, but it is currently broken. If configured, glance api should perform this reauth and finish the request.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/29967

Flavio Percoco (flaper87)
tags: added: grizzly-backport-potential
tags: removed: grizzly-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (master)

Reviewed: https://review.openstack.org/29967
Committed: http://github.com/openstack/glance/commit/be34808c7b4ad113cebd3c3a96a46a9e1cd551c7
Submitter: Jenkins
Branch: master

commit be34808c7b4ad113cebd3c3a96a46a9e1cd551c7
Author: Alex Meade <email address hidden>
Date: Tue May 21 11:49:59 2013 -0400

    Make passing user token to registry configurable

    This patch adds CONF.use_user_token as a config option. When true, glance will
    continue to use the user token when communicating with glance registry. When
    false, glance will read admin credentials from the config and use those to
    communicate with glance registry. Using admin credentials allow for
    reauthentication when tokens expire and prevents requests from silently failing.

    DocImpact
    Fixes bug 1182536

    Change-Id: Ia6b563677eb67d4069571c82b9dad3f025b6e9fb

Changed in glance:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in glance:
milestone: none → havana-2
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in glance:
milestone: havana-2 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers