keystoneauth

keystoneauth doesn't cleanup session if it creates one

Bug #1838704 reported by Alex Schultz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
keystoneauth
Fix Released
Low
Alex Schultz

Bug Description

If a session object is not provided to keystoneauth1.session.Session, the session that is created ends up not being properly closed. This leads to a ResourceWarning about an unclosed socket:

sys:1: ResourceWarning: unclosed <ssl.SSLSocket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('192.168.24.2', 51102), raddr=('192.168.24.2', 13000)>

$ cat keystoneauth.py
#!/usr/bin/python3 -Wd
import keystoneauth1.identity.generic as auth_plugin
from keystoneauth1 import session as ks_session
auth = auth_plugin.Token(
                auth_url='https://192.168.24.2:13000',
                project_domain_id='default',
                project_domain_name='Default',
                project_id='d25c0720341c499f981d4ddbcd2b6354',
                project_name='admin',
                token='<my magical token>'
            )
session = ks_session.Session(auth=auth, verify=False)
print(session.get_endpoint(service_type='network', endpoint_type='public', region_name='regionOne'))

This results in:
$ ./keystoneauth.py
/usr/lib64/python3.6/importlib/_bootstrap_external.py:426: ImportWarning: Not importing directory /usr/lib/python3.6/site-packages/repoze: missing __init__
  _warnings.warn(msg.format(portions[0]), ImportWarning)
/usr/lib64/python3.6/importlib/_bootstrap_external.py:426: ImportWarning: Not importing directory /usr/lib/python3.6/site-packages/paste: missing __init__
  _warnings.warn(msg.format(portions[0]), ImportWarning)
/usr/lib/python3.6/site-packages/pytz/__init__.py:499: ResourceWarning: unclosed file <_io.TextIOWrapper name='/usr/share/zoneinfo/zone.tab' mode='r' encoding='UTF-8'>
  for l in open(os.path.join(_tzinfo_dir, 'zone.tab'))
/usr/lib/python3.6/site-packages/eventlet/patcher.py:1: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses
  import imp
/usr/lib/python3.6/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
https://192.168.24.2:13696
sys:1: ResourceWarning: unclosed <ssl.SSLSocket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('192.168.24.2', 51102), raddr=('192.168.24.2', 13000)>

This can be mitigated by properly cleaning up the created requests.Session when the keystoneauth1.session.Session is destroyed

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystoneauth (master)

Fix proposed to branch: master
Review: https://review.opendev.org/674139

Changed in keystoneauth:
assignee: nobody → Alex Schultz (alex-schultz)
status: New → In Progress
Colleen Murphy (krinkle)
Changed in keystoneauth:
importance: Undecided → Low
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystoneauth (master)

Reviewed: https://review.opendev.org/674139
Committed: https://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=b2b5ad3cb1ff05e08c22973bb079125214ba7bcf
Submitter: Zuul
Branch: master

commit b2b5ad3cb1ff05e08c22973bb079125214ba7bcf
Author: Alex Schultz <email address hidden>
Date: Thu Aug 1 16:08:24 2019 -0600

    Cleanup session on delete

    If an external session object was not passed to the Session class, we
    create a requests.Session() on our own. Once this is used, it may still
    have an open connection when the auth Session is closed. We need to
    handle the closing of the requests.Session() ourselves if we created
    one. If you do not close it, a ResourceWarning may be reported about the
    socket that is left open. If a session object is provided, we do not
    attempt to close it as it will be up to the code consuming keystoneauth
    to properly handle cleaning up the provided session.

    Change-Id: I590755d665b371c76ba8e02836d81d41a95ac601
    Closes-Bug: #1838704

Changed in keystoneauth:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystoneauth 3.18.0

This issue was fixed in the openstack/keystoneauth 3.18.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystoneauth (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/760911

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystoneauth 3.17.4

This issue was fixed in the openstack/keystoneauth 3.17.4 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.