yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #30542
[Bug 1362766] Re: ConnectionFailed: Connection to neutron failed: 'HTTPSConnectionPool' object has no attribute 'insecure'
I'm getting this in nova-api too, we don't use neutron.
I get it when I do a nova list or nova show. Restarting nova-api fixed
it for a while but then it comes back again.
==> /var/log/nova/nova-api.log <==
2015-03-27 13:56:06.649 10962 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: 'HTTPSConnectionPool' object has no attribute 'insecure'
2015-03-27 13:56:07.153 10962 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: 'HTTPSConnectionPool' object has no attribute 'insecure'
2015-03-27 13:56:08.156 10962 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: 'HTTPSConnectionPool' object has no attribute 'insecure'
2015-03-27 13:56:10.159 10962 ERROR keystonemiddleware.auth_token [-] HTTP connection exception: 'HTTPSConnectionPool' object has no attribute 'insecure'
2015-03-27 13:56:10.161 10962 WARNING keystonemiddleware.auth_token [-] Authorization failed for token
2015-03-27 13:56:10.162 10962 INFO nova.osapi_compute.wsgi.server [-] 128.250.116.173,172.26.9.144 "GET /v1.1/0bdf024c921848c4b74d9e69af9edf08/servers/detail HTTP/1.1" status: 401 len: 282 time: 3.5197592
** Also affects: nova
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1362766
Title:
ConnectionFailed: Connection to neutron failed: 'HTTPSConnectionPool'
object has no attribute 'insecure'
Status in OpenStack Compute (Nova):
New
Status in Python client library for Glance:
Fix Released
Status in Python client library for Neutron:
Incomplete
Bug description:
While compute manager was trying to authenticate with neutronclient,
we see the following:
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager Traceback (most recent call last):
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager File "/usr/lib/python2.7/site-packages/powervc_nova/compute/manager.py", line 672, in _populate_admin_context
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager nclient.authenticate()
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager File "/usr/lib/python2.7/site-packages/neutronclient/client.py", line 231, in authenticate
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager self._authenticate_keystone()
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager File "/usr/lib/python2.7/site-packages/neutronclient/client.py", line 209, in _authenticate_keystone
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager allow_redirects=True)
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager File "/usr/lib/python2.7/site-packages/neutronclient/client.py", line 113, in _cs_request
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager raise exceptions.ConnectionFailed(reason=e)
2014-08-28 05:03:33.052 29982 TRACE powervc_nova.compute.manager ConnectionFailed: Connection to neutron failed: 'HTTPSConnectionPool' object has no attribute 'insecure'
Setting a pdb breakpoint and stepping into the code, I see that the
requests library is getting a connection object from a pool. The
interesting thing is that the connection object is actually from
glanceclient.common.https.HTTPSConnectionPool. It seems odd to me
that neutronclient is using a connection object from glanceclient
pool, but I do not know this requests code. Here is the stack just
before failure:
/usr/lib/python2.7/site-packages/neutronclient/client.py(234)authenticate()
-> self._authenticate_keystone()
/usr/lib/python2.7/site-packages/neutronclient/client.py(212)_authenticate_keystone()
-> allow_redirects=True)
/usr/lib/python2.7/site-packages/neutronclient/client.py(106)_cs_request()
-> resp, body = self.request(*args, **kargs)
/usr/lib/python2.7/site-packages/neutronclient/client.py(151)request()
-> **kwargs)
/usr/lib/python2.7/site-packages/requests/api.py(44)request()
-> return session.request(method=method, url=url, **kwargs)
/usr/lib/python2.7/site-packages/requests/sessions.py(335)request()
-> resp = self.send(prep, **send_kwargs)
/usr/lib/python2.7/site-packages/requests/sessions.py(438)send()
-> r = adapter.send(request, **kwargs)
/usr/lib/python2.7/site-packages/requests/adapters.py(292)send()
-> timeout=timeout
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py(454)urlopen()
-> conn = self._get_conn(timeout=pool_timeout)
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py(272)_get_conn()
-> return conn or self._new_conn()
> /usr/lib/python2.7/site-packages/glanceclient/common/https.py(100)_new_conn()
-> return VerifiedHTTPSConnection(host=self.host,
The code about to run there is this:
class HTTPSConnectionPool(connectionpool.HTTPSConnectionPool):
"""
HTTPSConnectionPool will be instantiated when a new
connection is requested to the HTTPSAdapter.This
implementation overwrites the _new_conn method and
returns an instances of glanceclient's VerifiedHTTPSConnection
which handles no compression.
ssl_compression is hard-coded to False because this will
be used just when the user sets --no-ssl-compression.
"""
scheme = 'https'
def _new_conn(self):
self.num_connections += 1
return VerifiedHTTPSConnection(host=self.host,
port=self.port,
key_file=self.key_file,
cert_file=self.cert_file,
cacert=self.ca_certs,
insecure=self.insecure,
ssl_compression=False)
Note the self.insecure, which does not exist here. I see the
following fairly recent change in the glanceclient.common.https code
that added this:
https://github.com/openstack/python-
glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-
524c1a0b226fa8e5fb4df6ff5574e153R104
I do not understand this whole flow and if self.insecure was supposed
to have been initialized somewhere else, but it's obviously not.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1362766/+subscriptions