templated Catalog backend does not support listing services or endpoints
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
David Stanek |
Bug Description
Recently we switched from using the SQL backend for the Catalog Keystone component to using the templated Catalog backend. We switched for performance reasons -- SQL connection performance over WAN was unacceptable -- as well as the fact that novaclient and the Keystone API itself apparently has no way of filtering endpoints based on an availability zone, and the client simply picks the first compute endpoint it finds in the region
Sidenote: did nobody think about cases where there is >1 availability zone per region? :( See my summit proposal on this topic: http://
Anyway, I got the templated Catalog backend going without too much fuss, but then I noticed the following:
<email address hidden> 18:38:14:~# keystone service-list
No handlers could be found for logger "keystoneclient
Unable to communicate with identity service: 404 Not Found
The resource could not be found.
. (HTTP 404)
<email address hidden> 18:38:18:~# keystone endpoint-list
No handlers could be found for logger "keystoneclient
Unable to communicate with identity service: 404 Not Found
The resource could not be found.
. (HTTP 404)
<email address hidden> 18:38:20:~# keystone catalog
Service: volume
+------
| Property | Value |
+------
| adminURL | http://
| internalURL | http://
| publicURL | http://
| region | ci |
+------
Service: image
+------
| Property | Value |
+------
| adminURL | http://
| internalURL | http://
| publicURL | http://
| region | ci |
+------
Service: compute
+------
| Property | Value |
+------
| adminURL | https:/
| internalURL | https:/
| publicURL | https:/
| region | ci |
+------
Service: ec2
+------
| Property | Value |
+------
| adminURL | https:/
| internalURL | https:/
| publicURL | https:/
| region | ci |
+------
Service: identity
+------
| Property | Value |
+------
| adminURL | https:/
| internalURL | https:/
| publicURL | https:/
| region | ci |
+------
The service and endpoint lists should be trivial to implement since the catalog already contains this information. In addition, the error message returned from keystone service-list and keystone endpoint-list should be a 501 Not Implemented, not a 404 Not Found.
Note that this affects both Folsom and trunk.
Changed in keystone: | |
assignee: | nobody → Jay Pipes (jaypipes) |
Changed in keystone: | |
assignee: | nobody → Lin Hua Cheng (lin-hua-cheng) |
Changed in keystone: | |
assignee: | Lin Hua Cheng (lin-hua-cheng) → David Stanek (dstanek) |
Note that this is due to the way the KVS catalog driver works... it is not written to account for when a user/tenant catalog KVS item does not exist, and so switching to templated catalog and doing a keystone user-list will result in a 404 Not Found being returned by Keystone. :(