python-swiftclient

Capability discovery endpoint detection is hardcoded

Bug #1712358 reported by Dmitry Nikishov
38
This bug affects 11 people
Affects Status Importance Assigned to Milestone
python-swiftclient
Fix Released
Undecided
Unassigned

Bug Description

We have a Ceph-based setup and Horizon can't retrieve the list of objects from RadosGW even though we have Swift API enabled: it tries to fetch the data from https://<ip>:<port>/info and was receiving XML with what seemed like S3 API output.

After some time digging I've finally found out that the root cause lies within python-swiftclient.

We have a setup that supports both S3 and Swift APIs. Swift's endpoint in Keystone is created as
follows:

https://<ip>:<port>/swift/v1

whereas traditionally it is set up like

https://<ip>:<port>/v1

swiftclient's get_capabilities() method assumes that Swift's endpoint is located directly at "/", so it goes to "/info", which is incorrect.

Buggy line: https://github.com/openstack/python-swiftclient/blob/master/swiftclient/client.py#L1857

Revision history for this message
Daniel Čech (dcech) wrote :

Hello,
Rewriting the aforementioned part of swiftclient into
        #scheme = urlparse(url).scheme
        #netloc = urlparse(url).netloc
        #url = scheme + '://' + netloc + '/info'
        parts = url.split("/")
        parts[-1] = "info"
        url = "/".join(parts)
and it works like a charm now.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on python-swiftclient (master)

Change abandoned by Daniel Čech (<email address hidden>) on branch: master
Review: https://review.openstack.org/500875
Reason: wrong update

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-swiftclient (master)

Reviewed: https://review.opendev.org/722395
Committed: https://git.openstack.org/cgit/openstack/python-swiftclient/commit/?id=947c09f30c6b603e3f4da060bc913407b158a0ca
Submitter: Zuul
Branch: master

commit 947c09f30c6b603e3f4da060bc913407b158a0ca
Author: Ivan Kolodyazhny <email address hidden>
Date: Thu Apr 23 19:01:47 2020 +0300

    Fixed capability discovery endpoint hardcode

    It fixes get_capabilities() method to process
    correctly endpoints like: 'https://<ip>:<port>/v1',
    'https://<ip>:<port>/swift/v1'.

    Co-Authored-By: Daniel Cech <email address hidden>
    Change-Id: Ib4037d0b49da1bce959947100629370805f510d5
    Closes-bug: #1712358

Changed in python-swiftclient:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-swiftclient (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/724247

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-swiftclient (stable/ussuri)

Reviewed: https://review.opendev.org/724247
Committed: https://git.openstack.org/cgit/openstack/python-swiftclient/commit/?id=e1c05cffbe980807f170731028ca1a007fcc6f10
Submitter: Zuul
Branch: stable/ussuri

commit e1c05cffbe980807f170731028ca1a007fcc6f10
Author: Ivan Kolodyazhny <email address hidden>
Date: Thu Apr 23 19:01:47 2020 +0300

    Fixed capability discovery endpoint hardcode

    It fixes get_capabilities() method to process
    correctly endpoints like: 'https://<ip>:<port>/v1',
    'https://<ip>:<port>/swift/v1'.

    Co-Authored-By: Daniel Cech <email address hidden>
    Change-Id: Ib4037d0b49da1bce959947100629370805f510d5
    Closes-bug: #1712358
    (cherry picked from commit 947c09f30c6b603e3f4da060bc913407b158a0ca)

tags: added: in-stable-ussuri
Revision history for this message
Lars Erik Pedersen (pedersen-larserik) wrote :

Will this ever be included in an actual ussuri release? I can see it is included in 3.10.x but those are victoria packages..

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This will be fixed this in Ubuntu via https://bugs.launchpad.net/bugs/1902944.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/python-swiftclient 3.9.1

This issue was fixed in the openstack/python-swiftclient 3.9.1 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-swiftclient (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/c/openstack/python-swiftclient/+/786235

Revision history for this message
yehaifeng (yehaifeng) wrote :
Download full text (3.3 KiB)

I got the same error at version wallaby installed by kolla-ansbile when I click Object Store -> Containers.

[Fri Jul 15 01:01:29.134308 2022] [wsgi:error] [pid 77:tid 140379401193216] [remote 192.168.115.7:46308] REQ: curl -i https://osk.99bill.com:8080/info -X GET -H "Accept-Encoding: gzip"
[Fri Jul 15 01:01:29.134501 2022] [wsgi:error] [pid 77:tid 140379401193216] [remote 192.168.115.7:46308] RESP STATUS: 401 Unauthorized
[Fri Jul 15 01:01:29.134698 2022] [wsgi:error] [pid 77:tid 140379401193216] [remote 192.168.115.7:46308] RESP HEADERS: {'Content-Type': 'application/json', 'Content-Length': '114', 'WWW-Authenticate': 'Keystone uri="https://osk.99bill.com:5000"', 'X-Trans-Id': 'tx51937d0917254696b6d65-0062d0bc69', 'X-Openstack-Request-Id': 'tx51937d0917254696b6d65-0062d0bc69', 'Date': 'Fri, 15 Jul 2022 01:01:29 GMT'}
[Fri Jul 15 01:01:29.134870 2022] [wsgi:error] [pid 77:tid 140379401193216] [remote 192.168.115.7:46308] RESP BODY: b'{"error": {"code": 401, "title": "Unauthorized", "message": "The request you have made requires authentication."}}'
[Fri Jul 15 01:01:29.157363 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] REQ: curl -i https://osk.99bill.com:8080/info -X GET -H "Accept-Encoding: gzip"
[Fri Jul 15 01:01:29.157531 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] RESP STATUS: 401 Unauthorized
[Fri Jul 15 01:01:29.157753 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] RESP HEADERS: {'Content-Type': 'application/json', 'Content-Length': '114', 'WWW-Authenticate': 'Keystone uri="https://osk.99bill.com:5000"', 'X-Trans-Id': 'tx12229c7102cf4141bc263-0062d0bc69', 'X-Openstack-Request-Id': 'tx12229c7102cf4141bc263-0062d0bc69', 'Date': 'Fri, 15 Jul 2022 01:01:29 GMT'}
[Fri Jul 15 01:01:29.157944 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] RESP BODY: b'{"error": {"code": 401, "title": "Unauthorized", "message": "The request you have made requires authentication."}}'
[Fri Jul 15 01:01:29.159174 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] error invoking apiclient
[Fri Jul 15 01:01:29.159205 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] Traceback (most recent calllast):
[Fri Jul 15 01:01:29.159215 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] File "/var/lib/kolla/venv/lib/python3.6/site-packages/openstack_dashboard/api/rest/utils.py", line 128, in _wrapped
[Fri Jul 15 01:01:29.159223 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] data = function(self, request, *args, **kw)
[Fri Jul 15 01:01:29.159231 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] File "/var/lib/kolla/venv/lib/python3.6/site-packages/openstack_dashboard/api/rest/swift.py", line 53, in get
[Fri Jul 15 01:01:29.159238 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] policies = capabilities['swift']['policies']
[Fri Jul 15 01:01:29.159284 2022] [wsgi:error] [pid 80:tid 140379401193216] [remote 192.168.115.7:46714] KeyError: 'swift'
[Fri Jul 15 01:01:29.159330 2022] [...

Read more...

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on python-swiftclient (stable/train)

Change abandoned by "Tim Burke <email address hidden>" on branch: stable/train
Review: https://review.opendev.org/c/openstack/python-swiftclient/+/786235

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.