In pike ssl deployment horizon cnt retrieve volumes/snapshots and service data via cinderclient
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Medium
|
Akihiro Motoki | ||
keystoneauth |
Incomplete
|
Undecided
|
Unassigned | ||
python-cinderclient |
Fix Released
|
Medium
|
Ivan Kolodyazhny |
Bug Description
Ops packages versions:
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
openstack-
python2-
Only after applying hard-coded links to certificate in cinder-client and keystone, the dashboard starts working:
/cinderclient/
if self.timeout:
resp = requests.request(
method,
url,
+ cert = ("/etc/
/keystoneauth1/
def __init__(self, auth=None, session=None, original_ip=None, verify=True,
self.auth = auth
self.verify = verify
- self.cert = cert
+ self.cert = ("/etc/
if discovery_cache is None:
description: | updated |
description: | updated |
Changed in python-cinderclient: | |
status: | New → Confirmed |
assignee: | nobody → Ivan Kolodyazhny (e0ne) |
Changed in horizon: | |
status: | New → Confirmed |
assignee: | nobody → Ivan Kolodyazhny (e0ne) |
importance: | Undecided → Medium |
Changed in python-cinderclient: | |
importance: | Undecided → Medium |
Changed in horizon: | |
assignee: | Ivan Kolodyazhny (e0ne) → Akihiro Motoki (amotoki) |
Changed in python-cinderclient: | |
status: | Confirmed → Fix Released |
I am not sure what is happening here that is causing the certificate information to not be passed down. It seems like cinderclient is using requests directly (in Pike). And whatever else is calling keystoneauth is not passing the cert value to keystoneauth. If the cert values are not passed to keystone auth it is not possible for KSA to understand where to get the cert information from.
I am not sure what we need to do to solve this directly or if it is still an issue. Can you post your tracebackes/errors?
Marking incomplete until we have more information.