Bug 1241162 - version discovery breaks cinderclient in Kilo
Summary: version discovery breaks cinderclient in Kilo
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-cinderclient
Version: 7.0 (Kilo)
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 7.0 (Kilo)
Assignee: Gorka Eguileor
QA Contact: lkuchlan
URL:
Whiteboard:
: 1293620 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-07-08 15:34 UTC by Eric Harney
Modified: 2019-11-14 06:47 UTC (History)
12 users (show)

Fixed In Version: python-cinderclient-1.2.1-3.el7ost
Doc Type: Bug Fix
Doc Text:
Previously, in deployments that used a proxy, Cinder servers would not return the expected publicURL, and would instead return an internal URL that clients would not be able to use. This would result in receiving the response "ERROR: Bad Request (HTTP 400)" to requests. With this update, the premature version discovery addition to Cinder client has now been removed, allowing cases where deployments use a proxy to function as expected.
Clone Of:
Environment:
Last Closed: 2016-08-31 17:38:17 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
OpenStack gerrit 194476 0 None None None Never
Red Hat Product Errata RHBA-2016:1791 0 normal SHIPPED_LIVE openstack-cinder bug fix advisory 2016-08-31 21:35:36 UTC

Description Eric Harney 2015-07-08 15:34:34 UTC 
From http://lists.openstack.org/pipermail/openstack-dev/2015-June/067795.html :

"""

There was a bug raised [1] from some large deployments that the Cinder
client 1.2.0 and beyond is not working because of version discovery.
Unfortunately it's not taking into account of deployments that have a
proxy.

Cinder client asks Keystone to find a publicURL based on a version.
Keystone will gather data from the service catalog and ask Cinder for
a list of the public endpoints and compare. For the proxy cases,
Cinder is giving internal URLs back to the proxy and Keystone ends up
using that instead of the publicURL in the service catalog. As a
result, clients usually won't be able to use the internal URL and
rightfully so.

This is all correctly setup on the deployer's side, this an issue with
the server side code of Cinder.

There is a patch that allows the deployer to specify a configuration
option public_endpoint [2] which was introduced in a patch in Kilo
[3]. The problem though is we can't expect people to already be
running Kilo to take advantage of this, and it leaves deployers
running stable releases of Juno in the dark with clients upgrading and
using the latest.

"""


The implication is that we may have a problem for users who upgrade to the latest cinderclient and try to use it with a Juno (6.0) deployment.

The 7.0 python-cinderclient branch is currently based on 1.2.1.
Comment 3 Eric Harney 2015-07-08 15:36:43 UTC 
Targeting to 7.0 so we can determine what we need to document about this.
Comment 4 Sergey Gotliv 2015-09-17 13:40:16 UTC 
Eric, any progress with that bug?
Comment 5 Gorka Eguileor 2015-12-15 15:57:17 UTC 
A possible workaround when working behind a proxy would be to set "public_endpoint" configuration option in cinder configuration with proxy's URL.
Comment 6 Gorka Eguileor 2016-02-09 10:38:35 UTC 
*** Bug 1293620 has been marked as a duplicate of this bug. ***
Comment 10 Ondrej 2016-04-05 14:05:57 UTC 
Hi Sergey,
where can I download the package? Thx
Comment 14 lkuchlan 2016-05-01 12:33:12 UTC 
I did not manage to verify the bug, probably because misconfiguration.
According to Gorka it was already verified by the costumer, therefore I moved it to VERIFIED.
Comment 17 errata-xmlrpc 2016-08-31 17:38:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-1791.html
Note You need to log in before you can comment on or make changes to this bug.