yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #33414
[Bug 1461752] [NEW] Error at listener's barbican container validation
Public bug reported:
There is a error while validating the barabican container associated
with listener (tls and sni) at plugin layer.
In validate_tls_container() ,contain_id is passed where as it is
expecting container_ref.
def _validate_tls(self, listener, curr_listener=None):
def validate_tls_container(container_ref):
...
def validate_tls_containers(to_validate):
for container_ref in to_validate:
validate_tls_container(container_ref)
...
if len(to_validate) > 0:
validate_tls_containers(to_validate)
#to_validate is list of container_ids.
#at barbican_cert_manager.py get_cert() is cert_ref is a UUID instead
of ref_url for container.
def get_cert(cert_ref, service_name='Octavia', resource_ref=None,
check_only=False, **kwargs):
...
:param cert_ref: the UUID of the cert to retrieve
...
cert_container = connection.containers.get(
container_ref=cert_ref
#above container_ref is a UUID whereas connection.container.get()
expects a reference url.
We should prepare ref_url from container UUID
following should fix the issue.
diff --git a/neutron_lbaas/common/cert_manager/barbican_cert_manager.py b/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
index 1ad38ee..8d3c3c4 100644
--- a/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
+++ b/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
@@ -219,6 +222,9 @@ class CertManager(cert_manager.CertManager):
"""
connection = BarbicanKeystoneAuth.get_barbican_client()
+ if self.is_UUID(cert_ref):
+ cert_ref = self.get_cert_ref_url(cert_ref)
+
Error log:
-----------------------------------------------------------------------------------------------------------------------------------------------
ERROR neutron_lbaas.common.cert_manager.barbican_cert_manager [req-a5e704fb-f04b-45f2-9c50-f3bfebe09afd admin 5ca9f
cbf4652456a9bd53582b86bd0e9] Error getting 0b8d5af0-c156-46ad-b4c6-882a84824ce2
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager Traceback (most recent call last):
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/neutron-lbaas/neutron_lbaas/common
/cert_manager/barbican_cert_manager.py", line 228, in get_cert
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager container_ref=cert_ref
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/python-barbicanclient/barbicanclie
nt/containers.py", line 528, in get
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager base.validate_ref(container_ref, 'Container')
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/python-barbicanclient/barbicanclie
nt/base.py", line 35, in validate_ref
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager raise ValueError('{0} incorrectly specified.'.for
mat(entity))
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager ValueError: Container incorrectly specified.
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager
2015-06-04 09:58:38.167 INFO neutron.api.v2.resource [req-a5e704fb-f04b-45f2-9c50-f3bfebe09afd admin 5ca9fcbf4652456a9bd53582b86bd0e9] crea
te failed (client error): TLS container 0b8d5af0-c156-46ad-b4c6-882a84824ce2 could not be found
---------------------------------------------------------------------------------------------------------------------------------------------------
** Affects: neutron
Importance: Undecided
Status: New
** Tags: lbaas
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1461752
Title:
Error at listener's barbican container validation
Status in OpenStack Neutron (virtual network service):
New
Bug description:
There is a error while validating the barabican container associated
with listener (tls and sni) at plugin layer.
In validate_tls_container() ,contain_id is passed where as it is
expecting container_ref.
def _validate_tls(self, listener, curr_listener=None):
def validate_tls_container(container_ref):
...
def validate_tls_containers(to_validate):
for container_ref in to_validate:
validate_tls_container(container_ref)
...
if len(to_validate) > 0:
validate_tls_containers(to_validate)
#to_validate is list of container_ids.
#at barbican_cert_manager.py get_cert() is cert_ref is a UUID instead
of ref_url for container.
def get_cert(cert_ref, service_name='Octavia', resource_ref=None,
check_only=False, **kwargs):
...
:param cert_ref: the UUID of the cert to retrieve
...
cert_container = connection.containers.get(
container_ref=cert_ref
#above container_ref is a UUID whereas connection.container.get()
expects a reference url.
We should prepare ref_url from container UUID
following should fix the issue.
diff --git a/neutron_lbaas/common/cert_manager/barbican_cert_manager.py b/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
index 1ad38ee..8d3c3c4 100644
--- a/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
+++ b/neutron_lbaas/common/cert_manager/barbican_cert_manager.py
@@ -219,6 +222,9 @@ class CertManager(cert_manager.CertManager):
"""
connection = BarbicanKeystoneAuth.get_barbican_client()
+ if self.is_UUID(cert_ref):
+ cert_ref = self.get_cert_ref_url(cert_ref)
+
Error log:
-----------------------------------------------------------------------------------------------------------------------------------------------
ERROR neutron_lbaas.common.cert_manager.barbican_cert_manager [req-a5e704fb-f04b-45f2-9c50-f3bfebe09afd admin 5ca9f
cbf4652456a9bd53582b86bd0e9] Error getting 0b8d5af0-c156-46ad-b4c6-882a84824ce2
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager Traceback (most recent call last):
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/neutron-lbaas/neutron_lbaas/common
/cert_manager/barbican_cert_manager.py", line 228, in get_cert
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager container_ref=cert_ref
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/python-barbicanclient/barbicanclie
nt/containers.py", line 528, in get
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager base.validate_ref(container_ref, 'Container')
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager File "/opt/stack/python-barbicanclient/barbicanclie
nt/base.py", line 35, in validate_ref
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager raise ValueError('{0} incorrectly specified.'.for
mat(entity))
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager ValueError: Container incorrectly specified.
2015-06-04 09:58:38.126 TRACE neutron_lbaas.common.cert_manager.barbican_cert_manager
2015-06-04 09:58:38.167 INFO neutron.api.v2.resource [req-a5e704fb-f04b-45f2-9c50-f3bfebe09afd admin 5ca9fcbf4652456a9bd53582b86bd0e9] crea
te failed (client error): TLS container 0b8d5af0-c156-46ad-b4c6-882a84824ce2 could not be found
---------------------------------------------------------------------------------------------------------------------------------------------------
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1461752/+subscriptions
Follow ups
References
