Network commands ignore insecure option
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-openstackclient |
New
|
Undecided
|
Vishakha Agarwal |
Bug Description
In order to reproduce, setup a environment where insecure SSL is being used for the keystone endpoint, either by deploying with a self-signed certificate or simply by running devstack with the tls-proxy service enabled and then removing the CA certs generated by devstack with:
$ sudo mv /usr/local/
$ sudo mv /usr/local/
$ sudo update-
To verify the setup, run:
$ openstack token issue
Could not determine a suitable URL for the plugin
Now adding the "--insecure" option makes this and other commands work, but fails for any network command:
$ openstack --insecure token issue
+------
------------------+
| Field | Value
|
+------
------------------+
| expires | 2018-03-
| id | gAAAAABarrWP_
7vCWOcw6KzrJ4gVRA |
| project_id | 451ea624535f483
|
| user_id | d965b06ebc9c41e
|
+------
------------------+
$ openstack --insecure image list
+------
| ID | Name | Status |
+------
| 12f20988-
+------
$ openstack --insecure network list
SSL exception connecting to https:/
used by SSLError(
$ openstack --insecure router list
SSL exception connecting to https:/
The reason seems to be that the sdk_connection object that is generated on osc-lib is lacking this attribute.
Changed in python-openstackclient: | |
assignee: | nobody → Vishakha Agarwal (vishakha.agarwal) |
Hi Jens,
I am not able to reproduce the following bug on masters. Could you pl confirm on which version you faced this issue.
I performed the following steps-
Changed in the local.conf- SERVICES+ =,tls-proxy
ENABLED_
./stack.sh
Moved the certificates and updated it.
$ openstack --insecure network list ------- ------- ------- ------- ----+-- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- + ------- ------- ------- ------- ----+-- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- + bf88-412f- 99a3-102e465e59 3d | private | 331139fc- 16e1-4ab6- 8977-e31f1f985f 08, 56d93b38- 64bb-49d7- 8a1c-83b7f2c9e9 4b | 9e7c-4171- b883-cb7f524645 e1 | public | 18911d42- c967-4d6d- 90dd-b71405d584 c6, a25175a4- 5a84-4b42- bd03-5249efd4b3 72 | ------- ------- ------- ------- ----+-- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- +
+------
| ID | Name | Subnets |
+------
| 56bc853f-
| 977727e1-
+------
It ran perfectly. Am I missing something?