yahoo-eng-team team mailing list archive

[Akihiro Motoki <1353401@xxxxxxxxxxxxxxxxxx>]

The master branch for Juno already has a support of HTTPS request in the following commit.
The commit provides more complete support of HTTPS including cert and private key config options.

commit b5917e35acb6189079f33ebb5562b8d2288dcd4f
Author: Jakub Libosvar <libosvar@xxxxxxxxxx>
Date:   Mon Mar 17 15:02:58 2014 +0100

    Add support for https requests on nova metadata

    Adds new config value for accessing nova metadata api with SSL. In case
    nova api requires client certificate other config values were added
    providing client certificate and client private key.

    DocImpact

    Closes-bug: #1293587
    Change-Id: I782a12eb77553f4369b782071b4ad19efb82e5e2


** Changed in: neutron
    Milestone: juno-3 => None

** Changed in: neutron
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1353401

Title:
  neutron-metadata-agent cannot proxy to SSL secured nova-api

Status in OpenStack Neutron (virtual network service):
  Invalid

Bug description:
  In /usr/lib/python2.6/site-packages/neutron/agent/metadata/agent.py I
  find this code fragment:

          url = urlparse.urlunsplit((
              'http',
              '%s:%s' % (self.conf.nova_metadata_ip,
                         self.conf.nova_metadata_port),
              req.path_info,
              req.query_string,
              ''))

  This is used to construct the URL to which the agent will connect to
  the nova-api. In our case this is secured via SSL and the request
  failes with BadStatusLine. If I patch the code to use 'https' it works
  perfectly.

  IMO there should be a way to configure http or https for the proxy
  URL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1353401/+subscriptions