Ironic

Glance client doesn't properly honor noauth

Bug #1323781 reported by Josh Gachnang on 2014-05-27

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ironic	Invalid	Low	Josh Gachnang

Bug Description

There is no way to set the Glance client to use noauth. service_utils.py currently sets auth_strategy to None, which 'noauth' is more appropriate. If setting auth_strategy to None is valid in some cases, then there should be a separate way to signal noauth when communicating with Glance.

Revision history for this message

Josh Gachnang (joshnang) wrote on 2014-05-27:

#1

I've been using noauth for some of our testing and have the fix for this in the agent driver patch, but it should be broken out to address this separately.

Changed in ironic:
assignee:	nobody → Josh Gachnang (joshnang)

Revision history for this message

Dmitry Tantsur (divius) wrote on 2014-06-03:

#2

Hi Josh! You're assigned to this bug, but status is New. Could you update either status or assignee accordingly?

Revision history for this message

Dmitry Tantsur (divius) wrote on 2014-06-04:

#3

Also, auth_strategy seems to be set from configuration inside image_service.py. There's nothing related in service_utils.py. Could you specify what exactly the problem is?

Changed in ironic:
status:	New → Incomplete

Revision history for this message

Josh Gachnang (joshnang) wrote on 2014-06-09:

#4

Ahh yes I wasn't very clear here. So, is_image_available does some checks, and really, the whole thing should be short circuited if CONF.glance.auth_strategy == 'noauth'. The current change is here: https://review.openstack.org/#/c/84795/96/ironic/common/glance_service/service_utils.py. I'm not convinced that is the best way to handle it, but it did work in my testing.

Revision history for this message

Dmitry Tantsur (divius) wrote on 2014-06-16:

#5

Got it, thank you. Please separate that change from the agent patch and mark it as fixing this bug

Changed in ironic:
status:	Incomplete → In Progress
importance:	Undecided → Low

Revision history for this message

Dmitry Tantsur (divius) wrote on 2014-09-22:

#6

Hi Josh! Could you give a status update on this bug? Does it still need to be fixed?

Revision history for this message

Josh Gachnang (joshnang) wrote on 2014-09-23:

#7

It should be fixed! I'll propose something today (since I already wrote the code and just need to pull it from the abandoned patch)

Revision history for this message

Josh Gachnang (joshnang) wrote on 2014-09-23:

#8

Looking at the code, it already handles noauth. I think we had something misconfigured in our Glance that made me think there was a bug.

Changed in ironic:
status:	In Progress → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.