group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #24292
[Bug 1611987] Re: [SRU] glance-simplestreams-sync charm doesn't support keystone v3
** Changed in: charm-glance-simplestreams-sync
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1611987
Title:
[SRU] glance-simplestreams-sync charm doesn't support keystone v3
Status in OpenStack glance-simplestreams-sync charm:
Fix Released
Status in Glance - Simplestreams Sync Charm:
Invalid
Status in simplestreams:
Confirmed
Status in simplestreams package in Ubuntu:
Fix Released
Status in simplestreams source package in Xenial:
Confirmed
Status in simplestreams source package in Artful:
Confirmed
Status in simplestreams source package in Bionic:
Fix Released
Status in glance-simplestreams-sync package in Juju Charms Collection:
Invalid
Bug description:
[Impact]
simplestreams can't sync images when keystone is configured to use v3,
keystone v2 is deprecated since mitaka[0] (the version shipped with
xenial)
The OpenStack Keystone charm supports v3 only since Queens and
later[1]
[Test Case]
* deploy a openstack environment with keystone v3 enabled
- get a copy of the bundle available at http://paste.ubuntu.com/p/hkhsHKqt4h/ , this bundle deploys a minimal version of xenial-mitaka.
Expected result:
- "glance image-list" lists trusty and xenial images
- the file glance-simplestreams-sync/0:/var/log/glance-simplestreams-sync.log contains details of the images pulled from cloud-images.u.c (example: https://pastebin.ubuntu.com/p/RWG8QrkVDz/ )
Actual result:
- "glance image-list" is empty
- the file glance-simplestreams-sync/0:/var/log/glance-simplestreams-sync.log contains the following stacktrace
INFO * 04-09 22:04:06 [PID:14571] * root * Calling DryRun mirror to get item list
ERROR * 04-09 22:04:06 [PID:14571] * root * Exception during syncing:
Traceback (most recent call last):
File "/usr/share/glance-simplestreams-sync/glance-simplestreams-sync.py", line 471, in main
do_sync(charm_conf, status_exchange)
File "/usr/share/glance-simplestreams-sync/glance-simplestreams-sync.py", line 232, in do_sync
objectstore=store)
File "/usr/lib/python2.7/dist-packages/simplestreams/mirrors/glance.py", line 374, in __init__
super(ItemInfoDryRunMirror, self).__init__(config, objectstore)
File "/usr/lib/python2.7/dist-packages/simplestreams/mirrors/glance.py", line 126, in __init__
self.keystone_creds = openstack.load_keystone_creds()
File "/usr/lib/python2.7/dist-packages/simplestreams/openstack.py", line 61, in load_keystone_creds
raise ValueError("(tenant_id or tenant_name)")
ValueError: (tenant_id or tenant_name)
[Regression Potential]
* A possible regression will manifest itself figuring out if v2 or v3
should be used, after the connection is made there are no further
changes introduced by this SRU
[Other Info]
I was deploying a Mitaka Trusty 16.04 charm based Openstack cloud
(using the cloud archives), including glance-simplestreams-sync, using
keystone v3.
Once I had everything deployed, the glance-simplestreams-sync service
couldn't authenticate because it's using keystone v2, not v3, as you
can see from the following:
INFO * 08-10 23:16:01 [PID:33554] * root * glance-simplestreams-sync started.
DEBUG * 08-10 23:16:01 [PID:33554] * keystoneclient.session * REQ: curl -i -X POST http://x.y.z.240:5000/v2.0/tokens -H "Content-Type: application/json" -H "User-Agent: python-keystoneclient" -d '{"auth": {"passwordCredentials": {"username": "image-stream", "password": "thisisnotapassword"}, "tenantId": "blahblahtenantidblahblah"}}'
INFO * 08-10 23:16:01 [PID:33554] * urllib3.connectionpool * Starting new HTTP connection (1): x.y.z.240
DEBUG * 08-10 23:16:01 [PID:33554] * urllib3.connectionpool * Setting read timeout to None
DEBUG * 08-10 23:16:01 [PID:33554] * urllib3.connectionpool * "POST /v2.0/tokens HTTP/1.1" 401 114
DEBUG * 08-10 23:16:01 [PID:33554] * keystoneclient.session * RESP: [401] CaseInsensitiveDict({'content-length': '114', 'vary': 'X-Auth-Token', 'server': 'Apache/2.4.7 (Ubuntu)', 'date': 'Wed, 10 Aug 2016 23:16:01 GMT', 'www-authenticate': 'Keystone uri="http://x.y.z.240:5000"', 'x-openstack-request-id': 'req-f8aaf12d-01ea-46be-869a-6948ab38361b', 'content-type': 'application/json', 'x-distribution': 'Ubuntu'})
RESP BODY: {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
DEBUG * 08-10 23:16:01 [PID:33554] * keystoneclient.session * Request returned failure status: 401
DEBUG * 08-10 23:16:01 [PID:33554] * keystoneclient.v2_0.client * Authorization Failed.
Please update the charm to understand when its using keystone v3 and
use the right auth methods.
Related bugs:
* bug 1686437: glance sync: need keystone v3 auth support
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-glance-simplestreams-sync/+bug/1611987/+subscriptions