Bug 1257629 - OpenStack API connections use the adminURL sometimes
Summary: OpenStack API connections use the adminURL sometimes
Keywords:
Status: CLOSED DUPLICATE of bug 1276118
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Providers
Version: 5.4.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.6.0
Assignee: Greg Blomquist
QA Contact: Dave Johnson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-27 13:44 UTC by Greg Blomquist
Modified: 2019-08-15 05:14 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-02-05 17:59:28 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Greg Blomquist 2015-08-27 13:44:28 UTC
I'm not entirely sure yet whether this is a bug in CFME or whether this is a bug in OpenStack's installer.

The problem is that the current OpenStack installer sets up the adminURL endpoints for services on a private network (e.g., 192.168.1.1).  And, CFME uses the adminURL (via the Fog library) to access some pieces of information from the various OpenStack services.

This issue was originally raised as a secondary discussion in bug #1252413.

See the following comments for more details:

* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c8
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c9
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c10
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c11
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c12
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c13
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c14
* https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c15

Comment 1 Marius Cornea 2015-08-28 15:21:30 UTC
I'll add below my first findings when adding a new Openstack cloud provider  deployed with OSP-d.

Refresh fails because CFME is unable to reach the Glance and Cinder adminURL endpoint:

Service: image
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminURL  |     http://172.18.0.10:9292/     |
|      id     | 14e4e75dcbbd4cb8acbf4925a1f1c3a9 |
| internalURL |     http://172.18.0.10:9292/     |
|  publicURL  |     http://10.3.53.10:9292/      |
|    region   |            regionOne             |
+-------------+----------------------------------+

[root@osp-d-lab ~]# netstat -tupan | grep SYN
tcp        0      1 10.3.59.198:49646           172.18.0.10:9292            SYN_SENT    6306/worker.rb      

Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/image.rb

Cinder:

Service: volume
+-------------+-------------------------------------------------------------+
|   Property  |                            Value                            |
+-------------+-------------------------------------------------------------+
|   adminURL  | http://172.17.0.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 |
|      id     |               26d8728ed4c042cdaddb8856d3bfebcd              |
| internalURL | http://172.17.0.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 |
|  publicURL  |  http://10.3.53.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 |
|    region   |                          regionOne                          |
+-------------+-------------------------------------------------------------+

[root@osp-d-lab ~]# netstat -tupan | grep SYN
tcp        0      1 10.3.59.198:44034           172.17.0.10:8776            SYN_SENT    2632/worker.rb      

Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/volume.rb

After spawning an instance the logs showed errors regarding Ceilometer:

Ceilometer:

Service: metering
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminURL  |     http://172.17.0.10:8777/     |
|      id     | 96ff2e1bd12042e5a0c0a1ec43f9753e |
| internalURL |     http://172.17.0.10:8777/     |
|  publicURL  |     http://10.3.53.10:8777/      |
|    region   |            regionOne             |
+-------------+----------------------------------+

Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/metering.rb

In /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack there are still identity.rb, baremetal.rb and planning.rb which are using the adminURL.

Keystone currently works because all the endpoints are using a public IP (see BZ#1236136) but it will also change to use a private subnet for admin and internal API.

Comment 2 kpichard 2015-11-20 14:50:42 UTC
Hello guys,

I also saw this issue on version 5.4 by adding an onpenstack provider. 

CloudFormation actually attack the url given by the user and list correctly all endpoint (public, admin and internal).

Then it interrogate the adminURL for all the api, in my case, CloudForm has only access to public api so i had to change it buy editing code files :

grep -rni publicURL /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/orchestration.rb:152:          @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/identity.rb:195:          @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/planning.rb:114:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/baremetal.rb:266:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/core.rb:100:      endpoint_type         = (options[:openstack_endpoint_type] || 'publicURL').to_s
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/core.rb:162:      identity_url   = identity_service['endpoints'].find{|s| s['publicURL']}['publicURL'] if identity_service
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/volume.rb:129:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/image.rb:114:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/metering.rb:107:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/network.rb:248:          @openstack_endpoint_type        = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/compute.rb:319:          @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL'
/opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/storage.rb:91:          @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL'

Could be great to have the choice in the interface.

Many thanks in advance.

Kévin

Comment 3 Greg Blomquist 2016-02-05 17:59:09 UTC
https://github.com/ManageIQ/manageiq/pull/5169

Comment 4 Greg Blomquist 2016-02-05 17:59:28 UTC

*** This bug has been marked as a duplicate of bug 1276118 ***


Note You need to log in before you can comment on or make changes to this bug.