nova is still broken with boto==2.35*
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
High
|
Andrey Pavlov | ||
Juno |
Fix Released
|
High
|
Attila Fazekas | ||
OpenStack Identity (keystone) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Bug 1408987 fixed one auth issue with the signature handling:
https:/
But when trying to uncap the requirement on master we hit two new failures when trying to create a security group, we get auth failures (401 failures to be exact).
Copied from comment 14 of bug 1408987:
This is still broken on master, when I tried to uncap the boto version on master I get new auth failures:
2015-01-12 19:11:36.102 | tempest.
2015-01-12 19:11:36.102 | -------
2015-01-12 19:11:36.102 |
2015-01-12 19:11:36.102 | Captured traceback:
2015-01-12 19:11:36.102 | ~~~~~~~~~~~~~~~~~~~
2015-01-12 19:11:36.103 | Traceback (most recent call last):
2015-01-12 19:11:36.103 | _StringException: Empty attachments:
2015-01-12 19:11:36.103 | stderr
2015-01-12 19:11:36.103 | stdout
2015-01-12 19:11:36.103 |
2015-01-12 19:11:36.103 | pythonlogging:'': {{{
2015-01-12 19:11:36.103 | 2015-01-12 19:07:12,279 27381 DEBUG [keystoneclient
2015-01-12 19:11:36.103 | 2015-01-12 19:07:13,359 27381 ERROR [boto] 401 Unauthorized
2015-01-12 19:11:36.103 | 2015-01-12 19:07:13,359 27381 ERROR [boto] <?xml version="1.0"?>
2015-01-12 19:11:36.103 | <Response>
2015-01-12 19:11:36.104 | }}}
2015-01-12 19:11:36.104 |
2015-01-12 19:11:36.104 | Traceback (most recent call last):
2015-01-12 19:11:36.104 | File "tempest/
2015-01-12 19:11:36.104 | group_description)
2015-01-12 19:11:36.104 | File "tempest/
2015-01-12 19:11:36.104 | return getattr(conn, name)(*args, **kwargs)
2015-01-12 19:11:36.104 | File "/usr/local/
2015-01-12 19:11:36.104 | SecurityGroup, verb='POST')
2015-01-12 19:11:36.105 | File "/usr/local/
2015-01-12 19:11:36.105 | raise self.ResponseEr
2015-01-12 19:11:36.105 | EC2ResponseError: EC2ResponseError: 401 Unauthorized
2015-01-12 19:11:36.105 | <?xml version="1.0"?>
2015-01-12 19:11:36.105 | <Response>
It's something to do with security groups this time.
2015-01-12 19:07:13.357 24624 DEBUG nova.api.ec2.faults [-] EC2 error response: AuthFailure: Unauthorized ec2_error_response /opt/stack/
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in nova: | |
assignee: | nobody → Andrey Pavlov (apavlov-e) |
status: | Triaged → Fix Committed |
Changed in nova: | |
milestone: | none → kilo-2 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
status: | Triaged → Invalid |
Changed in nova: | |
milestone: | kilo-2 → 2015.1.0 |
The keystone log has a warning for the same failures:
http:// logstash. openstack. org/#eyJzZWFyY2 giOiJtZXNzYWdlO lwiQXV0aG9yaXph dGlvbiBmYWlsZWQ uIEVDMiBzaWduYX R1cmUgbm90IHN1c HBsaWVkXCIgQU5E IHRhZ3M6XCJzY3J lZW4ta2V5LnR4dF wiIiwiZmllbGRzI jpbXSwib2Zmc2V0 IjowLCJ0aW1lZnJ hbWUiOiI2MDQ4MD AiLCJncmFwaG1vZ GUiOiJjb3VudCIs InRpbWUiOnsidXN lcl9pbnRlcnZhbC I6MH0sInN0YW1wI joxNDIxMjA1ODE5 MDkwLCJtb2RlIjo iIiwiYW5hbHl6ZV 9maWVsZCI6IiJ9
So those actually show up in logstash. They only hit on the change to uncap the version:
https:/ /review. openstack. org/#/c/ 146592/