← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #52340

[Bug 1592167] Re: Deleted keypair causes metadata failure

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.openstack.org/329661
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=4317166b72bb0aadd0321acdf9f2450c1a99d0a4
Submitter: Jenkins
Branch:    master

commit 4317166b72bb0aadd0321acdf9f2450c1a99d0a4
Author: Matt Riedemann <mriedem@xxxxxxxxxx>
Date:   Tue Jun 14 16:05:35 2016 -0400

    Handle keypair not found from metadata server
    
    With commit e83842b80b73c451f78a4bb9e7bd5dfcebdefcab we
    attempt to load keypairs for an instance from instance_extra,
    but if that hasn't been migrated yet we fall back to loading
    the keypair from the database by name.
    
    If the keypair was deleted, the instance object will just set
    an empty KeyPairList for instance.keypairs and we'll get an
    IndexError when using self.instance.keypairs[0] in
    _metadata_as_json.
    
    This adds a check that instance.keypairs actually has
    something in it. If not, we log a message and don't return
    any key values in the metadata dict - same as if instance.key_name
    wasn't set to begin with.
    
    Change-Id: If823867d1df4bafa46978e62e05826d1f12c9269
    Closes-Bug: #1592167


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1592167

Title:
  Deleted keypair causes metadata failure

Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) mitaka series:
  Confirmed

Bug description:
  Description
  ===========

  If a user deletes a keypair that was used to create an instance, that
  instance receives HTTP 400 errors when attempting to get metadata via
  http://169.254.169.254/openstack/latest/meta_data.json.

  This causes problems in the instance when cloud-init fails to retrieve
  the OpenStack datasource.

  Steps to reproduce
  ==================

  1. Create instance with SSH keypair defined.
  2. Delete SSH keypair
  3. Attempt 'curl http://169.254.169.254/openstack/latest/meta_data.json' from the instance

  Expected result
  ===============

  Instance receives metadata from
  http://169.254.169.254/openstack/latest/meta_data.json

  Actual result
  =============

  Instance receives HTTP 400 error.  Additionally, Ubuntu Cloud Image
  instances will fail back to the ec2 datasource and re-generate Host
  SSH keys.

  Environment
  ===========

  Nova:       2015.1.4.2
  Hypervisor: Libvirt + KVM
  Storage:    Ceph
  Network:    Liberty Neutron ML2+OVS

  
  Logs
  ====

  [req-a8385839-6993-4289-96dc-1714afe82597 - - - - -] FaultWrapper error
  Traceback (most recent call last):
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/ec2/__init__.py", line 93, in __call__
      return req.get_response(self.application)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1299, in send
      application, catch_exc_info=False)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1263, in call_application
      app_iter = application(self.environ, start_response)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__
      resp = self.call_func(req, *args, **self.kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func
      return self.func(req, *args, **kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/ec2/__init__.py", line 105, in __call__
      rv = req.get_response(self.application)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1299, in send
      application, catch_exc_info=False)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1263, in call_application
      app_iter = application(self.environ, start_response)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__
      resp = self.call_func(req, *args, **self.kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func
      return self.func(req, *args, **kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/handler.py", line 137, in __call__
      data = meta_data.lookup(req.path_info)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 418, in lookup
      data = self.get_openstack_item(path_tokens[1:])
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 297, in get_openstack_item
      return self._route_configuration().handle_path(path_tokens)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 491, in handle_path
      return path_handler(version, path)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 316, in _metadata_as_json
      self.instance.key_name)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/objects/base.py", line 163, in wrapper
      result = fn(cls, context, *args, **kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/objects/keypair.py", line 60, in get_by_name
      db_keypair = db.key_pair_get(context, user_id, name)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/api.py", line 937, in key_pair_get
      return IMPL.key_pair_get(context, user_id, name)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/sqlalchemy/api.py", line 233, in wrapper
      return f(*args, **kwargs)
    File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/sqlalchemy/api.py", line 2719, in key_pair_get
      raise exception.KeypairNotFound(user_id=user_id, name=name)
  KeypairNotFound: Keypair keypair_name not found for user ffffffffffffffffffffffffffffffff

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1592167/+subscriptions

References

  Thread PreviousDate PreviousThread Next