Ironic

Naming a node "detail" confuses Ironic

Bug #1572651 reported by Lucas Alvares Gomes on 2016-04-20

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Ironic	Fix Released	Medium	Lucas Alvares Gomes

Bug Description

Apart from UUIDs, Ironic supports adding a logical name to the node which will be used as an identifier. The way we fetch a node by its name in the API is issuing a GET to the http://<address>/v1/nodes/<node name>.

Ironic also have a endpoint called "detail" v1/nodes [0], so if we name a node "detail" Ironic will get confused about it.

See output: http://paste.openstack.org/show/494847/

My suggestion to fix this problem is that we should prevent a node from being called "detail" (which is odd but...)

[0] http://docs.openstack.org/developer/ironic/webapi/v1.html#get--v1-nodes-detail

See original description

Tags:

Lucas Alvares Gomes (lucasagomes) on 2016-04-20

Changed in ironic:
assignee:	nobody → Lucas Alvares Gomes (lucasagomes)
status:	New → Confirmed
importance:	Undecided → Medium
summary:	- Naming a node "detail" or "validate" confuses Ironic + Naming a node "detail" confuses Ironic

Lucas Alvares Gomes (lucasagomes) on 2016-04-20

description:

updated

Revision history for this message

aeva black (tenbrae) wrote on 2016-04-20:

Naming a node "states" causes a similar error:

$ ironic node-show states
Missing argument: "node_ident" (HTTP 400)

Revision history for this message

aeva black (tenbrae) wrote on 2016-04-20:

$ ironic node-show validate
Expected a logical name or uuid but received None. (HTTP 400)

$ ironic node-show ports
Node identifier not specified. (HTTP 400)

$ ironic node-show vendor_passthru
Missing argument: "node_ident" (HTTP 400)

$ ironic node-show management
Method Not Allowed (HTTP 405)

$ ironic node-show maintenance
Method Not Allowed (HTTP 405)

aeva black (tenbrae) on 2016-04-20

tags:

added: api

Revision history for this message

aeva black (tenbrae) wrote on 2016-04-20:

After thinking about this some more, I believe the initial report and my last two comments are actually separate bugs, even though they manifest similar behaviour (some node names are implicitly not allowed today).

GET /v1/nodes/detail ==> valid request, should return detailed information about all nodes, fails IFF there is a node named "detail"

GET /v1/nodes/ports ==> parsed incorrectly by pecan/wsme, should return information about a node named "ports" if it exists, fails because pecan recognizes "ports" as a member of NodesController and an instance of port.PortsController() and does not parse an identifier in the URI.

I suggest we catalogue all of these "reserved names" and check for them when ever updating a Node name. I would also suggest implementing this _without_ increasing the API version, because we want to enforce the correct behaviour regardless of the age of the client.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-04-21: Fix proposed to ironic (master)

Fix proposed to branch: master
Review: https://review.openstack.org/308965

Changed in ironic:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-06: Fix merged to ironic (master)

Reviewed: https://review.openstack.org/308965
Committed: https://git.openstack.org/cgit/openstack/ironic/commit/?id=8e5e69869df476788b3ccf7e5ba6c2210a98fc8a
Submitter: Jenkins
Branch: master

commit 8e5e69869df476788b3ccf7e5ba6c2210a98fc8a
Author: Lucas Alvares Gomes <email address hidden>
Date: Fri Apr 22 13:58:08 2016 +0100

API: Check for reserved words when naming a node

    This patch is introducing a mechanism which prevents nodes to be named
    with some reserved words that are implicitly not allowed today due the
    way the Ironic API works.

    For example, the way we fetch a node by its name in the API is issuing
    a GET to the http://<address>/v1/nodes/<node name> but, we have some
    words that are valid endpoints under the same path. One example is of it
    is the /detail endpoint, a GET request to v1/nodes/detail should return
    detailed information about all the nodes.

    Apart from that, due the way pecan/wsme parses/routes the requests
    the words 'ports', 'vendor_passthru', 'management', 'maintenance' can
    not be used. These words are attributes pointing to a controller in the
    node's API object (e.g v1/nodes/(ident)/ports) and naming a node as such
    confuses pecan/wsme.

The API microversion was not bumped because this error should be
prevented across all versions.

Closes-Bug: #1572651
Change-Id: Ibba5ed16e6961805864bdf46b94296b1b0c09469

Changed in ironic:
status:	In Progress → Fix Released

Revision history for this message

Ruby Loo (rloo) wrote on 2016-05-09:

Not sure if it is clear, but these are the reserved words (cannot name a node with these names): maintenance, management, ports, states, vendor_passthru, validate and detail.

Revision history for this message

Ruby Loo (rloo) wrote on 2016-05-09:

Discussed with Lucas and Sam on IRC [1], to understand what will/should happen going forward.

1. We'll have to keep these reserved words in V1
2. Make sure in future Vs, that we do things correctly
3. Correct thing is when adding sub controllers to NodesController, we make it a parameter instead of an endpoint. So e.g.: instead of v1/nodes/(ident)/NEWTHING, we do /nodes/(ident)?NEWTHING=True. This will be inconsistent with existing calls though.

[1] http://eavesdrop.openstack.org/irclogs/%23openstack-ironic/%23openstack-ironic.2016-05-09.log.html#t2016-05-09T14:32:52

Revision history for this message

Thierry Carrez (ttx) wrote on 2016-06-22: Fix included in openstack/ironic 6.0.0

This issue was fixed in the openstack/ironic 6.0.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.