Container security policy fetch prevents creating container when using ceph
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Incomplete
|
Undecided
|
Unassigned | ||
python-swiftclient |
New
|
Undecided
|
Unassigned |
Bug Description
Starting in Ussuri release (horizon 18.3.0), horizon tries to pull a list of security policies from swift so you can choose during creation. If you are using ceph as your object storage, this check fails to get the list of policies and the fetch fails and prevents you from creating any containers. Containers and objects can still be manipulated via CLI.
Dashboard error message is thrown upon clicking Object-Store > Containers dashboard.. "Error: Unable to fetch the policy details." You can see existing containers, but unable to create any new ones. Security Policy isn't fetched and is required to create one in horizon.
Basically it seems with the new feature in horizon, it totally breaks the dashboard functionality if you are using ceph as your backend.
environment details:
CentOS 8.1
Openstack Ussuri
openstack-
Ceph Octopus 15.2.2
apparent culprit: https:/
Did some more research on this. It isn't strictly a bug in horizon, but rather a shortfall in swiftclient. Swiftclient isn't capable of reading capabilities from ceph and cannot read policies by default. Modifying /usr/lib/ python3. 6/swiftclient/ client. py to use the modified /swift/info url that ceph provides and restarting httpd and memcached fixes the issue. Without this modification the new horizon feature still blocks creation of new containers by default. Either swiftclient needs fixing to allow for ceph schema or horizon needs an option to ignore this (prefer swiftclient feature tbh)