keystoneauth

"Could not find requested endpoint in Service Catalog" when requesting unavailable identity endpoint

Bug #1709658 reported by Colleen Murphy on 2017-08-09

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	keystoneauth	Fix Released	Undecided	Colleen Murphy

Bug Description

Before keystoneauth 3.x, I could have this in the service catalog:

And then with OS_IDENTITY_API_VERSION=3 and OS_AUTH_URL=http://192.168.166.81:5000/ I could successfully issue identity commands from openstackclient.

With keystoneauth 3.x, this fails with the message "EndpointNotFound: Could not find requested endpoint in Service Catalog."

Now - this seems to add up, since I requested version 3 and all that is available is version 2. But it is surprising that a) it worked before and b) that it has stopped working, which seems to indicate a break in backwards compatibility.

See original description

Revision history for this message

Monty Taylor (mordred) wrote on 2017-08-09:

Can you do:

curl http://192.168.166.81:5000/

and paste the output? (basically want to see if v3 is showing up in your version discovery document - which will help us track down what went wrong)

Revision history for this message

Colleen Murphy (krinkle) wrote on 2017-08-10:

Here's the output from the install where I found this, which was running liberty: http://paste.openstack.org/show/618012/

I've been able to reproduce with devstack on master as well by changing the identity endpoints to end in '/v2.0/' <--- and the trailing slash is critical.

OpenStack Infra (hudson-openstack) on 2017-08-10

Changed in keystoneauth:
assignee:	nobody → Colleen Murphy (krinkle)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-08-14: Fix merged to keystoneauth (master)

Reviewed: https://review.openstack.org/492484
Committed: https://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=88827a895fd8606ac708b8858fa735377dca9238
Submitter: Jenkins
Branch: master

commit 88827a895fd8606ac708b8858fa735377dca9238
Author: Colleen Murphy <email address hidden>
Date: Thu Aug 10 13:45:14 2017 +0200

Allow discovery URLs to have trailing slashes

    The _get_discovery_url_choices generator works by taking a starting URL,
    splitting it on '/', and working through the parts trying to get a
    matching discovery document from it. It makes assumptions about what the
    URL might look like: it might have a project ID on the end of it, and a
    version before that. If the starting URL has a trailing '/', splitting
    the URL results in an empty string at the end of the list of parts,
    which is then treated as a version. The real version is left on the URL
    while the generator assumes it has already trimmed the URL down to an
    unversioned endpoint. If that version does not match the version we're
    seeking, the resulting discovery document will be mismatched and the
    generator will fail to yield the right endpoint.

This patch normalizes the starting URL by removing the trailing '/', if
there is one. This way every part of the split URL will be meaningful.

Closes-bug: #1709658

Change-Id: I28c48f78d6f07804d6ea228f163dd37b0fcfcd58

Changed in keystoneauth:
status:	In Progress → Fix Released

Colleen Murphy (krinkle) on 2017-08-14

description:

updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-08-30: Fix included in openstack/keystoneauth 3.2.0

This issue was fixed in the openstack/keystoneauth 3.2.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.