yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #60842
[Bug 1632538] Re: Using generate_service_certificate and undercloud_public_vip in undercloud.conf breaks nova
This bug was fixed in the package python-rfc3986 -
0.2.2-0ubuntu0.16.04.1
---------------
python-rfc3986 (0.2.2-0ubuntu0.16.04.1) xenial; urgency=medium
* New upstream point release, resolving issue which causes valid
URLS to be rejected (LP: #1632538).
-- James Page <james.page@xxxxxxxxxx> Thu, 20 Oct 2016 09:55:32 +0100
** Changed in: python-rfc3986 (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** Changed in: python-rfc3986 (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1632538
Title:
Using generate_service_certificate and undercloud_public_vip in
undercloud.conf breaks nova
Status in OpenStack Compute (nova):
Incomplete
Status in OpenStack Compute (nova) newton series:
Incomplete
Status in tripleo:
Invalid
Status in python-rfc3986 package in Ubuntu:
Fix Released
Status in python-rfc3986 source package in Xenial:
Fix Released
Status in python-rfc3986 source package in Yakkety:
Fix Committed
Status in python-rfc3986 source package in Zesty:
Fix Released
Bug description:
Enabling SSL on the Undercloud using generate_service_certificate
results in all Nova services on the undercloud (api, cert, compute,
conductor, scheduler), all failing with errors similar to the
following:
2016-10-11 22:28:27.327 66082 CRITICAL nova [req-b5f37af3-96fc-42e2-aaa6-52815aca07fe - - - - -] ConfigFileValueError: Value for option url is not valid: invalid URI: 'https://rdo-ci-fx2-06-s5.v103.rdoci.lab.eng.rdu.redhat.com:13696'
2016-10-11 22:28:27.327 66082 ERROR nova Traceback (most recent call last):
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/bin/nova-cert", line 10, in <module>
2016-10-11 22:28:27.327 66082 ERROR nova sys.exit(main())
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/nova/cmd/cert.py", line 49, in main
2016-10-11 22:28:27.327 66082 ERROR nova service.wait()
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/nova/service.py", line 415, in wait
2016-10-11 22:28:27.327 66082 ERROR nova _launcher.wait()
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_service/service.py", line 328, in wait
2016-10-11 22:28:27.327 66082 ERROR nova status, signo = self._wait_for_exit_or_signal()
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_service/service.py", line 303, in _wait_for_exit_or_signal
2016-10-11 22:28:27.327 66082 ERROR nova self.conf.log_opt_values(LOG, logging.DEBUG)
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2630, in log_opt_values
2016-10-11 22:28:27.327 66082 ERROR nova _sanitize(opt, getattr(group_attr, opt_name)))
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 3061, in __getattr__
2016-10-11 22:28:27.327 66082 ERROR nova return self._conf._get(name, self._group)
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2672, in _get
2016-10-11 22:28:27.327 66082 ERROR nova value = self._do_get(name, group, namespace)
2016-10-11 22:28:27.327 66082 ERROR nova File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2715, in _do_get
2016-10-11 22:28:27.327 66082 ERROR nova % (opt.name, str(ve)))
2016-10-11 22:28:27.327 66082 ERROR nova ConfigFileValueError: Value for option url is not valid: invalid URI: 'https://rdo-ci-fx2-06-s5.v103.rdoci.lab.eng.rdu.redhat.com:13696'
2016-10-11 22:28:27.327 66082 ERROR nova
I believe the failure happens inside the [neutron] section of
/etc/nova/nova.conf.
This does not look related to the scheme (https) being used as the
result of enabling SSL because doing a one-off test with the
openstack-nova-conductor service after changing the schema to http
results in the same startup failure.
Another one-off test substituting an IP address instead of a FQDN
inside of nova.conf with the openstack-nova-conductor service as
before results in openstack-nova-conductor starting properly but
eventually failing with a connection-related failure due to the one-
off data used (an IP address of 1.2.3.4).
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1632538/+subscriptions