rally doesn't take cacert setting
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Rally |
Fix Released
|
High
|
Sergey Skripnick |
Bug Description
I want to run rally against an existing cloud.
If I source my credentials file I can run nova, neutron, openstack commands - no issue.
(venv) gavin@gbhos ~/work/rally $ source ../gavin-
(venv) gavin@gbhos ~/work/rally $ nova list
+----+-
| ID | Name | Status | Task State | Power State | Networks |
+----+-
+----+-
I then create my deployment from the environment which claims to succeed :
(venv) gavin@gbhos ~/work/rally $ rally-manage db recreate
2016-05-02 12:58:10.631 73480 INFO alembic.
2016-05-02 12:58:10.631 73480 INFO alembic.
2016-05-02 12:58:12.621 73480 INFO alembic.
2016-05-02 12:58:12.622 73480 INFO alembic.
2016-05-02 12:58:12.754 73480 INFO alembic.
(venv) gavin@gbhos ~/work/rally $ rally deployment create --fromenv --name=IPC1
2016-05-02 12:58:44.037 73535 INFO rally.deploymen
2016-05-02 12:58:44.242 73535 INFO rally.deploymen
+------
| uuid | created_at | name | status | active |
+------
| 91737855-
+------
Using deployment: 91737855-
~/.rally/openrc was updated
HINTS:
* To get your cloud resources, run:
rally show [flavors|
* To use standard OpenStack clients, set up your env by running:
source ~/.rally/openrc
OpenStack clients are now configured, e.g run:
glance image-list
However :
(venv) gavin@gbhos ~/work/rally $ rally show flavors
Flavors for user `<email address hidden>` in tenant `<email address hidden>`:
2016-05-02 12:58:55.405 73554 WARNING keystoneclient.
Command failed, please check log for more info
2016-05-02 12:58:55.842 73554 CRITICAL rally [-] SSLError: SSL exception connecting to https:/
2016-05-02 12:58:55.842 73554 ERROR rally Traceback (most recent call last):
2016-05-02 12:58:55.842 73554 ERROR rally File "/home/
:
:
The correct OS_CACERT is in ~/.rally/openrc :
(venv)<email address hidden> gavin@gbhos ~/work/rally $ grep CERT ~/.rally/openrc
export OS_CACERT=
But rally itself appears to pay no attention to it.
In order to work around this I had to manually add my certificate to lib/python2.
Changed in rally: | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Sergey Skripnick (eyerediskin) |
I also tried setting "https_cacert" in the deployment definition file, but that didn't work either