Mirantis OpenStack

Unauthorized message when uploading a large image with openstack cli

Bug #1825368 reported by Anton Rodionov on 2019-04-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Mirantis OpenStack	Won't Fix	Wishlist	Oleksiy Molchanov	Mirantis OpenStack 9.x-updates

Bug Description

Drop number-- "Drop2019w15"

When we upload a large image using openstack cli, If the image upload time is more than token expiration time, the image getting uploaded successfully but getting below message at the end.
401 Unauthorized: This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required. (HTTP 401)

The message is coming when we try to upload an image which takes more upload time than the token expiration time in keystone.conf.

This is happening when we use openstack cli. We did not check uploading images from Horizon.

Please verify the atatched file <trail2.txt>, We tried 3 scenarios in there. It contains steps for issue reproduction.

1. Upload of optimum size image with openstack cli

2. Upload of big image which takes lot of time, using openstack cli(here we got message)

3. Upload of same size image in step 2 using glance cli

In this test we reduced expiration time to 300sec.

Revision history for this message

Anton Rodionov (arodionov) wrote on 2019-04-18:

trail2.txt Edit (12.9 KiB, text/plain)

Denis Meltsaykin (dmeltsaykin) on 2019-04-18

Changed in mos:
milestone:	none → 9.2-mu-12
assignee:	nobody → MOS Maintenance (mos-maintenance)
importance:	Undecided → Critical
importance:	Critical → High
status:	New → Confirmed

Oleksiy Molchanov (omolchanov) on 2019-04-19

Changed in mos:
assignee:	MOS Maintenance (mos-maintenance) → Oleksiy Molchanov (omolchanov)

Oleksiy Molchanov (omolchanov) on 2019-04-22

Changed in mos:
status:	Confirmed → In Progress

Oleksiy Molchanov (omolchanov) on 2019-05-03

Changed in mos:
status:	In Progress → Confirmed

Revision history for this message

Denis Meltsaykin (dmeltsaykin) wrote on 2019-05-23:

I assume that the OpenStack CLI (which is an alternative to the glance native CLI in this case) is just failing in this part https://github.com/openstack/python-openstackclient/blob/mitaka-eol/openstackclient/image/v2/image.py#L349 where it tries to get image info after uploading. This is just a cosmetic problem that is not worth inventing re-authorization mechanics in the CLI. There are plenty of workarounds and they all are well known:

1) Increase token's lifetime
2) Use the glance native CLI
3) Ignore this error

I'm going to close this report as Won't Fix.

Changed in mos:
status:	Confirmed → Won't Fix
importance:	High → Wishlist
milestone:	9.2-mu-12 → 9.x-updates

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

trail2.txt Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.