Bug 918159
Summary: | PKI tokens too long for memcached keys | ||
---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Adam Young <ayoung> |
Component: | openstack-keystone | Assignee: | Adam Young <ayoung> |
Status: | CLOSED ERRATA | QA Contact: | Pavel Sedlák <psedlak> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 2.0 (Folsom) | CC: | ajeain, apevec, ayoung, jhenner |
Target Milestone: | snapshot5 | Keywords: | Triaged |
Target Release: | 2.1 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | openstack-keystone-2012.2.3-5.el6ost | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-04-04 20:23:03 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Adam Young
2013-03-05 15:43:07 UTC
To fix requires these patches suggest for backport to folsom stable: key all backends off of hash of pki token. https://review.openstack.org/#/c/24079/ Use the right subprocess based on os monkeypatch https://review.openstack.org/#/c/23996/ as well as Backport of fix for 24-hour failure of pki. https://review.openstack.org/#/c/23334/ Which has already merged: Verified with openstack-keystone-2012.2.3-7.el6ost. For verification it was required to workaround bug 927929 and bug 948270 to get to the state with PKI and memcached working. With version 2012.2.3-7: ---- $ memcached-tool localhost # Item_Size Max_age Pages Count Full? Evicted Evict_Time OOM 3 152B 0s 1 0 no 0 0 0 5 240B 0s 1 0 no 0 0 0 17 3.5K 494019s 1 1 no 0 0 0 ---- With version 2012.2.3-3 it ends with (for example cinder): ---- $ memcached-tool localhost # Item_Size Max_age Pages Count Full? Evicted Evict_Time OOM ---- And in cinder/api.log there is: ---- 2013-04-04 14:30:11 3922 ERROR cinder.api.openstack [-] Caught error: Key length is > 250 ... 2013-04-04 14:30:11 3922 TRACE cinder.api.openstack File "/usr/lib/python2.6/site-packages/memcache.py", line 632, in _set 2013-04-04 14:30:11 3922 TRACE cinder.api.openstack check_key(key) 2013-04-04 14:30:11 3922 TRACE cinder.api.openstack File "/usr/lib/python2.6/site-packages/memcache.py", line 945, in check_key 2013-04-04 14:30:11 3922 TRACE cinder.api.openstack % SERVER_MAX_KEY_LENGTH) 2013-04-04 14:30:11 3922 TRACE cinder.api.openstack MemcachedKeyLengthError: Key length is > 250 ---- Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0708.html |