| 2012-04-12 10:12:15 |
Eoghan Glynn |
bug |
|
|
added bug |
| 2012-04-12 10:24:20 |
Eoghan Glynn |
glance: status |
New |
Confirmed |
|
| 2012-04-12 10:24:27 |
Eoghan Glynn |
glance: importance |
Undecided |
Medium |
|
| 2012-04-12 10:24:32 |
Eoghan Glynn |
glance: assignee |
|
Eoghan Glynn (eglynn) |
|
| 2012-04-12 10:24:37 |
Eoghan Glynn |
glance: milestone |
|
folsom-1 |
|
| 2012-04-12 10:25:16 |
Eoghan Glynn |
glance: status |
Confirmed |
In Progress |
|
| 2012-04-12 14:55:59 |
OpenStack Infra |
glance: status |
In Progress |
Fix Committed |
|
| 2012-04-30 23:32:26 |
Sam Morrison |
tags |
|
essex-backport |
|
| 2012-05-18 17:58:22 |
Stuart Stent |
bug |
|
|
added subscriber Stuart Stent |
| 2012-05-23 05:44:53 |
Martin Gerhard Loschwitz |
bug task added |
|
glance (Ubuntu) |
|
| 2012-05-23 08:36:04 |
Thierry Carrez |
glance: status |
Fix Committed |
Fix Released |
|
| 2012-05-23 18:18:19 |
Launchpad Janitor |
glance (Ubuntu): status |
New |
Confirmed |
|
| 2012-05-23 23:32:32 |
Chuck Short |
glance (Ubuntu): milestone |
|
precise-updates |
|
| 2012-05-23 23:33:24 |
Chuck Short |
nominated for series |
|
Ubuntu Precise |
|
| 2012-05-23 23:33:24 |
Chuck Short |
bug task added |
|
glance (Ubuntu Precise) |
|
| 2012-05-23 23:33:24 |
Chuck Short |
nominated for series |
|
Ubuntu Quantal |
|
| 2012-05-23 23:33:24 |
Chuck Short |
bug task added |
|
glance (Ubuntu Quantal) |
|
| 2012-05-23 23:43:26 |
Launchpad Janitor |
branch linked |
|
lp:~gandelman-a/ubuntu/precise/glance/sru_979745 |
|
| 2012-05-24 07:40:58 |
Launchpad Janitor |
glance (Ubuntu Precise): status |
New |
Confirmed |
|
| 2012-05-24 10:27:15 |
James Page |
glance (Ubuntu Quantal): milestone |
precise-updates |
quantal-alpha-1 |
|
| 2012-05-24 10:27:19 |
James Page |
glance (Ubuntu Precise): milestone |
|
precise-updates |
|
| 2012-05-24 10:27:32 |
James Page |
glance (Ubuntu Precise): importance |
Undecided |
High |
|
| 2012-05-24 10:27:35 |
James Page |
glance (Ubuntu Quantal): importance |
Undecided |
High |
|
| 2012-05-24 10:27:55 |
James Page |
glance (Ubuntu Precise): status |
Confirmed |
Triaged |
|
| 2012-05-24 10:27:59 |
James Page |
glance (Ubuntu Quantal): status |
Confirmed |
Triaged |
|
| 2012-05-24 19:26:59 |
Adam Gandelman |
glance (Ubuntu Quantal): status |
Triaged |
Fix Released |
|
| 2012-05-24 20:53:15 |
Adam Gandelman |
description |
When the swift backend store is in use, with the keystone auth strategy enabled, and delayed_delete configured false, image deletion in glance leads to the corresponding swift object being leaked.
This results from the attempted object deletion in glance/store/swift.py failing silently with:
Auth GET failed: http://keystone_host:5000/tokens 404 Not Found
The root cause is that the auth url associated with the swift connection used for deletion is missing a trailing forward slash. |
When the swift backend store is in use, with the keystone auth strategy enabled, and delayed_delete configured false, image deletion in glance leads to the corresponding swift object being leaked.
This results from the attempted object deletion in glance/store/swift.py failing silently with:
Auth GET failed: http://keystone_host:5000/tokens 404 Not Found
The root cause is that the auth url associated with the swift connection used for deletion is missing a trailing forward slash.
Ubuntu SRU Justification
-------------------------
[Impact]
When Glance is configured to use Swift as a backend store and when Keystone authentication is enabled, requests are sent to the Keystone Auth URL without a trailing slash. This results in 404s from the Keystone API server, causing authentication requests in Glance's swift client middleware to fail. The original report cites situations where image deletion silently fails, though others report this completely breaks Swift+Glance integration.
[Development Fix]
This issue has been fixed since the release of Essex and has been released in the first Openstack Folsom milestone (f1) https://review.openstack.org/6480
[Stable Fix]
The fix has been backported upstream to the stable/essex branch. Cherry picking the commit and applying it to the Essex/12.04 packaging should be enough to fix the issue. http://bazaar.launchpad.net/~gandelman-a/ubuntu/precise/glance/sru_979745/revision/52
[Test Case]
Configure glance to use Swift as a backing store with Keystone authentication. Uploading, deleting and getting images should result in 404s from Keystone for requests to the configured auth URL.
[Regression Potential]
Minimal. The patch simply formats the keystone URL appropriately within Glance's swift client code. This code path is not hit unless the glance server is configured to use a Keystone-authenticated Swift backend. |
|
| 2012-05-25 17:12:28 |
Adam Gandelman |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2012-05-28 16:59:44 |
Adam Gandelman |
bug |
|
|
added subscriber Adam Gandelman |
| 2012-05-29 18:32:44 |
Brian Murray |
glance (Ubuntu Precise): status |
Triaged |
Fix Committed |
|
| 2012-05-29 18:32:49 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2012-05-29 18:32:56 |
Brian Murray |
tags |
essex-backport |
essex-backport verification-needed |
|
| 2012-05-29 18:42:16 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/precise-proposed/glance |
|
| 2012-05-29 20:14:13 |
Jean-Baptiste Lallement |
tags |
essex-backport verification-needed |
essex-backport verification-done |
|
| 2012-06-04 00:48:32 |
Launchpad Janitor |
glance (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
| 2012-06-05 16:03:19 |
Launchpad Janitor |
branch linked |
|
lp:~openstack-ubuntu-testing/glance/precise-essex-proposed |
|
| 2012-06-12 20:20:09 |
Brian Murray |
tags |
essex-backport verification-done |
essex-backport |
|
| 2012-06-12 20:20:11 |
Brian Murray |
tags |
essex-backport |
essex-backport verification-needed |
|
| 2012-06-14 14:55:43 |
Mark McLoughlin |
nominated for series |
|
glance/essex |
|
| 2012-06-14 14:55:44 |
Mark McLoughlin |
bug task added |
|
glance/essex |
|
| 2012-06-14 14:56:25 |
Mark McLoughlin |
glance/essex: status |
New |
Fix Committed |
|
| 2012-06-14 14:56:25 |
Mark McLoughlin |
glance/essex: milestone |
|
2012.1.1 |
|
| 2012-06-21 22:39:09 |
Mark McLoughlin |
glance/essex: status |
Fix Committed |
Fix Released |
|
| 2012-07-03 20:10:15 |
Steve Langasek |
tags |
essex-backport verification-needed |
essex-backport verification-done |
|
| 2012-09-27 14:41:28 |
Thierry Carrez |
glance: milestone |
folsom-1 |
2012.2 |
|
