+++ This bug was initially created as a clone of Bug #1276118 +++ Description of problem: If OpenStack is configured to have it's adminURL endpoints for services on a private network (or otherwise inaccessible to CFME), then CFME will fail to collect inventory. I've been told by OSP developers that as of OSP7, external access to the adminURL endpoints is off limits and is explicitly blocked. Steps to Reproduce: 1. Setup OSP7 with adminURL service endpoints on a private network 2. Connect CFME to the OSP7 environment 3. Attempt to gather inventory from OSP7 Actual results: CFME fails to gather inventory. The error in the log will reflect the type of networking problem encountered. Usually, "No route to host". Expected results: CFME successfully collects inventory from OSP7. --- Additional comment from Greg Blomquist on 2015-10-28 15:10:12 EDT --- https://github.com/ManageIQ/manageiq/pull/5169 --- Additional comment from CFME Bot on 2015-10-28 15:55:52 EDT --- New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/72d6d7794f0ac06ad85058f99414cd9a27414c88 commit 72d6d7794f0ac06ad85058f99414cd9a27414c88 Author: Greg Blomquist <gblomqui> AuthorDate: Wed Oct 28 14:55:40 2015 -0400 Commit: Greg Blomquist <gblomqui> CommitDate: Wed Oct 28 14:55:40 2015 -0400 Stop using adminURL OSP service endpoints Fog defaults to using adminURL OSP service endpoints for some services. A blind grep of Fog code shows the following: > identity_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > identity_v3.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v1.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > metering.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > planning.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > volume.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' By explicitly setting the openstack_endpoint_type to 'publicURL', manageIQ will always use the publicURL for all connections to any OpenStack Service Endpoint. https://bugzilla.redhat.com/show_bug.cgi?id=1276118 gems/pending/openstack/openstack_handle/handle.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) --- Additional comment from Oleg Barenboim on 2015-10-29 10:11:56 EDT --- Please create MR on downstream 5.5
New commit detected on cfme/5.4.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=24908430af1ca6ee6d12266b3fe27ddd42882eca commit 24908430af1ca6ee6d12266b3fe27ddd42882eca Author: Greg Blomquist <gblomqui> AuthorDate: Wed Oct 28 14:55:40 2015 -0400 Commit: Greg Blomquist <gblomqui> CommitDate: Tue Nov 10 16:41:16 2015 -0500 Stop using adminURL OSP service endpoints Fog defaults to using adminURL OSP service endpoints for some services. A blind grep of Fog code shows the following: > identity_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > identity_v3.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v1.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > metering.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > planning.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > volume.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' By explicitly setting the openstack_endpoint_type to 'publicURL', manageIQ will always use the publicURL for all connections to any OpenStack Service Endpoint. https://bugzilla.redhat.com/show_bug.cgi?id=1276118 https://bugzilla.redhat.com/show_bug.cgi?id=1276353 lib/openstack/openstack_handle/handle.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)
New commit detected on cfme/5.4.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=f1cf151a52faf1301d3f11fd117ae362d9eadfbe commit f1cf151a52faf1301d3f11fd117ae362d9eadfbe Merge: acee802 2490843 Author: Jason Frey <jfrey> AuthorDate: Wed Nov 11 16:18:07 2015 -0500 Commit: Jason Frey <jfrey> CommitDate: Wed Nov 11 16:18:07 2015 -0500 Merge branch 'bz1276353-os-use-public-endpoints' into '5.4.z' Stop using adminURL OSP service endpoints Fog defaults to using adminURL OSP service endpoints for some services. A blind grep of Fog code shows the following: > identity_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > identity_v3.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v1.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > image_v2.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > metering.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > planning.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' > volume.rb: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' By explicitly setting the openstack_endpoint_type to 'publicURL', manageIQ will always use the publicURL for all connections to any OpenStack Service Endpoint. https://bugzilla.redhat.com/show_bug.cgi?id=1276118 https://bugzilla.redhat.com/show_bug.cgi?id=1276353 Upstream: https://github.com/ManageIQ/manageiq/pull/5169 See merge request !397 lib/openstack/openstack_handle/handle.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)
Verified fixed in 5.4.4.2 - 5.4.4.2.20151130143928_89a28ce.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2620.html