Activity log for bug #2054130

Date Who What changed Old value New value Message
2024-02-16 16:08:21 Roman Krček bug added bug
2024-02-19 11:46:31 Roman Krček summary swift_delay_auth_decision should be always True Horizon swift dashboard error "Error: Unable to fetch security policies"
2024-02-19 11:53:09 Roman Krček description After enabling swift in globals.yml with enable_swift: "yes" the horizon Object storage dashboard fails to load with error "Error: Unable to fetch policies" This is due to the fact, that swift_proxy_server is set up in way that endpoint openstack_ip:8080/info requires authentication. However, the underlying python-swiftclient that horizon uses doesnt use authentication to retrieve data from the /info endpoint. The /info endpoint requires authentication because delay_auth_decision is by default set to False in proxy-server.conf The fact that it should be set to True is mentioned on the swift documentation https://docs.openstack.org/swift/latest/overview_auth.html I belive that swift_delay_auth_decision should be by default set to True, not only when using the S3 API in https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/swift/defaults/main.yml#L63 After enabling swift in globals.yml with enable_swift: "yes" the horizon Object storage dashboard fails to load with error "Error: Unable to fetch security policies" When looking at horizon-error.log, I saw errors when horizon was fetching openstack_ip:8080/info. It returned 401: Unauthorized. The underlying python-swiftclient that horizon uses doesnt use authentication to retrieve data from the /info endpoint. I traced this back to the fact, that swift_proxy_server is set up in way that endpoint openstack_ip:8080/info requires authentication. The /info endpoint requires authentication because delay_auth_decision is by default set to False in proxy-server.conf Documentation mentions that when set to False, the public access (that the python-swiftclient expects) is broken. https://docs.openstack.org/swift/latest/overview_auth.html (see the first Note) swift_delay_auth_decision is set to True when using the S3 API, however in the documentation it is not mentioned that its required to get Swift working. https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/swift/defaults/main.yml#L63
2024-02-19 11:53:21 Roman Krček summary Horizon swift dashboard error "Error: Unable to fetch security policies" Horizon Object storage dashboard error "Error: Unable to fetch security policies"
2024-02-19 11:53:32 Roman Krček summary Horizon Object storage dashboard error "Error: Unable to fetch security policies" Horizon Object storage dashboard "Error: Unable to fetch security policies"