← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1410622] Re: nova is still broken with boto==2.35*

 

Aha, the signature nova is passing to keystone:

1c314a588a431c92d83b00ca7450195c461857fb78018147065e43089af10788

is different from the generated signature in the keystone code:

8189a643a8669802f5e9e09bc835558cc8521b7edebb43d166e6b60469509d11

** Also affects: keystone
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1410622

Title:
  nova is still broken with boto==2.35*

Status in OpenStack Identity (Keystone):
  New
Status in OpenStack Compute (Nova):
  Triaged

Bug description:
  Bug 1408987 fixed one auth issue with the signature handling:

  https://review.openstack.org/#/c/146124/

  But when trying to uncap the requirement on master we hit two new
  failures when trying to create a security group, we get auth failures
  (401 failures to be exact).

  Copied from comment 14 of bug 1408987:

  This is still broken on master, when I tried to uncap the boto version
  on master I get new auth failures:

  http://logs.openstack.org/92/146592/1/check/check-tempest-dsvm-
  full/7c375f8/console.html#_2015-01-12_19_11_36_102

  2015-01-12 19:11:36.102 | tempest.thirdparty.boto.test_ec2_security_groups.EC2SecurityGroupTest.test_create_authorize_security_group
  2015-01-12 19:11:36.102 | ----------------------------------------------------------------------------------------------------------
  2015-01-12 19:11:36.102 |
  2015-01-12 19:11:36.102 | Captured traceback:
  2015-01-12 19:11:36.102 | ~~~~~~~~~~~~~~~~~~~
  2015-01-12 19:11:36.103 | Traceback (most recent call last):
  2015-01-12 19:11:36.103 | _StringException: Empty attachments:
  2015-01-12 19:11:36.103 | stderr
  2015-01-12 19:11:36.103 | stdout
  2015-01-12 19:11:36.103 |
  2015-01-12 19:11:36.103 | pythonlogging:'': {{{
  2015-01-12 19:11:36.103 | 2015-01-12 19:07:12,279 27381 DEBUG [keystoneclient.auth.identity.v2] Making authentication request to http://127.0.0.1:5000/v2.0/tokens
  2015-01-12 19:11:36.103 | 2015-01-12 19:07:13,359 27381 ERROR [boto] 401 Unauthorized
  2015-01-12 19:11:36.103 | 2015-01-12 19:07:13,359 27381 ERROR [boto] <?xml version="1.0"?>
  2015-01-12 19:11:36.103 | <Response><Errors><Error><Code>AuthFailure</Code><Message>Unauthorized</Message></Error></Errors><RequestID>req-81391f74-7caf-42a6-a3b8-ccd2c7d1cbdf</RequestID></Response>
  2015-01-12 19:11:36.104 | }}}
  2015-01-12 19:11:36.104 |
  2015-01-12 19:11:36.104 | Traceback (most recent call last):
  2015-01-12 19:11:36.104 | File "tempest/thirdparty/boto/test_ec2_security_groups.py", line 32, in test_create_authorize_security_group
  2015-01-12 19:11:36.104 | group_description)
  2015-01-12 19:11:36.104 | File "tempest/services/botoclients.py", line 84, in func
  2015-01-12 19:11:36.104 | return getattr(conn, name)(*args, **kwargs)
  2015-01-12 19:11:36.104 | File "/usr/local/lib/python2.7/dist-packages/boto/ec2/connection.py", line 3003, in create_security_group
  2015-01-12 19:11:36.104 | SecurityGroup, verb='POST')
  2015-01-12 19:11:36.105 | File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 1207, in get_object
  2015-01-12 19:11:36.105 | raise self.ResponseError(response.status, response.reason, body)
  2015-01-12 19:11:36.105 | EC2ResponseError: EC2ResponseError: 401 Unauthorized
  2015-01-12 19:11:36.105 | <?xml version="1.0"?>
  2015-01-12 19:11:36.105 | <Response><Errors><Error><Code>AuthFailure</Code><Message>Unauthorized</Message></Error></Errors><RequestID>req-81391f74-7caf-42a6-a3b8-ccd2c7d1cbdf</RequestID></Response>

  It's something to do with security groups this time.

  http://logs.openstack.org/92/146592/1/check/check-tempest-dsvm-
  full/7c375f8/logs/screen-n-api.txt.gz#_2015-01-12_19_07_13_357

  2015-01-12 19:07:13.357 24624 DEBUG nova.api.ec2.faults [-] EC2 error
  response: AuthFailure: Unauthorized ec2_error_response
  /opt/stack/new/nova/nova/api/ec2/faults.py:29

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1410622/+subscriptions


References