1225332 – Connection to OSP SSL doesn't get attempted following Errno::ECONNRESET error on non-SSL connection

Bug 1225332 - Connection to OSP SSL doesn't get attempted following Errno::ECONNRESET error on non-SSL connection

Summary: Connection to OSP SSL doesn't get attempted following Errno::ECONNRESET error...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Providers
Sub Component:
Version:	5.4.0
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	GA
Target Release:	5.5.0
Assignee:	Ladislav Smola
QA Contact:	Ramesh A
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-05-27 07:10 UTC by Jerome Marc
Modified:	2015-12-08 13:12 UTC (History)
CC List:	4 users (show)
Fixed In Version:	5.5.0.1
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-12-08 13:12:24 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:2551	0	normal	SHIPPED_LIVE	Moderate: CFME 5.5.0 bug fixes and enhancement update	2015-12-08 17:58:09 UTC

Description Jerome Marc 2015-05-27 07:10:10 UTC

Description of problem:
CloudForms is configured with an OpenStack provider which accepts SSL connections only. The CloudForms code is supposed to try to connect using a non-SSL connection and attempt SSL connection if it fails. SSL is never attempted after receiving a Errno::ECONNRESET error.

Version-Release number of selected component (if applicable):
5.4.0.0.19.20150410165622_ad23806 

How reproducible:
Always

Steps to Reproduce (get an environment with OpenStack accepting SSL connections only - e.g. any OpenStack public cloud provider)
1. Configure a new OpenStack provider in CloudForms
2. Refresh Relationships and Power States

Actual results:
The following error can be found in the evm.log and fog.log on the non-SSL connection but the SSL connection is never attempted
 ERROR -- : <Fog> excon.error     #<Excon::Errors::SocketError: Connection reset by peer (Errno::ECONNRESET)>

Expected results:
SSL connection should be attempted following an error on a non-SSL connection

Additional info:
I was able to force SSL connection by modifying the self.try_connection
 definition in CloudForms-OpenStack implementation /var/www/miq/lib/openstack/openstack_handle/handle.rb

Comment 7 Ramesh A 2015-11-19 10:22:33 UTC

Good to go.  Verified and working fine in 5.5.0.11-rc1.20151117182049_653c0d4.  Did not find any issues as 

Following behavior is noticed in when adding an SSL and non SSL provider.

Adding an SSL provider
=======================
[root@host-192-168-55-153 vmdb]# cat log/fog.log
[----] I, [2015-11-19T03:09:29.863918 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T03:09:37.707542 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete
[----] I, [2015-11-19T04:03:04.228628 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T04:03:11.239990 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete
[----] I, [2015-11-19T04:03:39.345323 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T04:03:50.735580 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete
[----] I, [2015-11-19T04:04:14.748371 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T04:04:25.211241 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete
[----] I, [2015-11-19T04:05:28.701005 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T04:05:34.180976 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete
[----] I, [2015-11-19T04:06:38.087984 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...
[----] I, [2015-11-19T04:06:43.122608 #27622:c71988]  INFO -- : MIQ(ManageIQ::Providers::Openstack::CloudManager::RefreshParser.ems_inv_to_hashes) Collecting data for EMS name: [rhos6-ga-ssl] id: [1]...Complete


Adding an Non-SSL provider
==========================
Adding RHOS provider (non SSL) or RHOS SSL provider added with 5000 port instead of 5443 results in BZ#1272041.

Comment 9 errata-xmlrpc 2015-12-08 13:12:24 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:2551

Note You need to log in before you can comment on or make changes to this bug.