Service cinder-backup failed when Swift with TLS enabled even with configuration (Ubuntu, Xena):
[DEFAULT]
backup_swift_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
the full error trace:
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift [-] Can not get Swift capabilities during backup driver initialization.: requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.44.40', port=8080): Max retries exceeded with url: /info (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift Traceback (most recent call last):
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 699, in urlopen
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift httplib_response = self._make_request(
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 382, in _make_request
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift self._validate_conn(conn)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift conn.connect()
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/connection.py", line 411, in connect
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift self.sock = ssl_wrap_socket(
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 453, in ssl_wrap_socket
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 495, in _ssl_wrap_socket_impl
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return ssl_context.wrap_socket(sock)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/eventlet/green/ssl.py", line 445, in wrap_socket
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return GreenSSLSocket(sock, *a, _context=self, **kw)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/eventlet/green/ssl.py", line 139, in __init__
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift self.do_handshake()
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/eventlet/green/ssl.py", line 311, in do_handshake
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return self._call_trampolining(
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/eventlet/green/ssl.py", line 161, in _call_trampolining
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return func(*a, **kw)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/usr/lib/python3.8/ssl.py", line 1338, in do_handshake
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift self._sslobj.do_handshake()
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable toget local issuer certificate (_ssl.c:1131)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift During handling of the above exception, another exception occurred:
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift Traceback (most recent call last):
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/requests/adapters.py", line 439, in send
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift resp = conn.urlopen(
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 755, in urlopen
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift retries = retries.increment(
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/urllib3/util/retry.py", line 574, in increment
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift raise MaxRetryError(_pool, url, error or ResponseError(cause))
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.44.40', port=8080): Max retries exceeded with url: /info (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift During handling of the above exception, another exception occurred:
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift Traceback (most recent call last):
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/cinder/backup/drivers/swift.py", line 420, in check_for_setup_error
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift conn.get_capabilities()
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/swiftclient/client.py", line 2059, in get_capabilities
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return get_capabilities((parsed, self.http_conn[1]))
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/swiftclient/client.py", line 1677, in get_capabilities
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift conn.request('GET', parsed.path, '', headers)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/swiftclient/client.py", line 470, in request
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift self.resp = self._request(method, url, headers=headers, data=data,
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/swiftclient/client.py", line 454, in _request
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift return self.request_session.request(*arg, **kwarg)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/requests/sessions.py", line 542, in request
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift resp = self.send(prep, **send_kwargs)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/requests/sessions.py", line 655, in send
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift r = adapter.send(request, **kwargs)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift File "/var/lib/kolla/venv/lib/python3.8/site-packages/requests/adapters.py", line 514, in send
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift raise SSLError(e, request=request)
2024-02-01 21:00:30.208 1033 ERROR cinder.backup.drivers.swift requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.44.40', port=8080): Max retries exceeded with url: /info (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))
Fix proposed to branch: master /review. opendev. org/c/openstack /kolla- ansible/ +/907495
Review: https:/