Bug 1295576 - Cinder quota calls fail when encryption_auth_url is not set
Cinder quota calls fail when encryption_auth_url is not set
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-cinder (Show other bugs)
8.0 (Liberty)
All Linux
high Severity urgent
: ga
: 8.0 (Liberty)
Assigned To: Eric Harney
lkuchlan
: Triaged
: 1305926 (view as bug list)
Depends On: 1293391
Blocks: 1295992
  Show dependency treegraph
 
Reported: 2016-01-04 17:32 EST by Joe Talerico
Modified: 2016-04-26 11:15 EDT (History)
13 users (show)

See Also:
Fixed In Version: openstack-cinder-7.0.1-6.el7ost
Doc Type: Bug Fix
Doc Text:
Previously, a bug in the cinder API server quota code used `encryption_auth_url` when it should have used `auth_uri`. Consequently, cinder failed to talk to keystone when querying quota information, causing the client to receive HTTP 500 errors from cinder. This issue has been resolved in 7.0.1. Fix: Fixed in Cinder API service in 7.0.1, resulting in expected behavior of the cinder quota commands.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-07 17:16:51 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
logs (48.00 KB, application/x-tar)
2016-01-25 09:05 EST, lkuchlan
no flags Details
log excerpt from python-cinder-7.0.1-5.el7ost.noarch modified to fix logging (10.24 KB, text/plain)
2016-02-09 11:26 EST, Eric Harney
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1516085 None None None 2016-01-06 14:54 EST
OpenStack gerrit 254700 None None None 2016-01-06 14:53 EST
OpenStack gerrit 262162 None None None 2016-02-09 11:33 EST

  None (edit)
Description Joe Talerico 2016-01-04 17:32:44 EST
Description of problem:
cinder.conf is missing the configuration for keystone. 

When I run: 
[stack@lorenzo ~]$ cinder quota-defaults
usage: cinder quota-defaults <tenant_id>
error: too few arguments
Try 'cinder help quota-defaults' for more information.
[stack@lorenzo ~]$ cinder quota-usage e7deeeae1d9546d7974b4248e59b2267
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-e364038b-8235-4a7c-956d-c473cc469545)
[stack@lorenzo ~]$ cinder quota-defaults admin
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-37d619d9-c3ab-43ca-b138-4333ed8cec13)

Looking in the cinder-api log:
2016-01-04 16:13:25.824 49472 ERROR cinder.api.middleware.fault [req-bc8fbc8d-0b1b-4e8d-8c63-6b7a1f6b1070 - - - - -] Caught error: Authorization failed: Unable to establish connection to http://localhost:5000/v3/auth/tokens

Then, in cinder.conf
[keystone_authtoken]

^ is blank.
Comment 2 Joe Talerico 2016-01-05 13:17:12 EST
adding the following to cinder.conf fixed the problem :

[keymgr]
encryption_auth_url=http://172.21.33.10:5000/v3
Comment 7 lkuchlan 2016-01-25 09:05 EST
Created attachment 1118037 [details]
logs
Comment 8 lkuchlan 2016-01-25 09:10:25 EST
Tested using:
python-cinder-7.0.1-5.el7ost.noarch
openstack-cinder-7.0.1-5.el7ost.noarch
python-cinderclient-1.4.0-1.el7ost.noarch

Results:

[stack@instack ~]$ cinder quota-defaults admin
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-f60b6596-67d8-46f3-b35d-e8704b7151de)
[stack@instack ~]$ cinder quota-defaults 3a85e4a722e64171be1f495f3c47ccc8
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-4ca2c204-2921-4421-aceb-a1b0037759d1)

From cinder-api.log:

2016-01-25 08:54:34.939 2527 ERROR cinder.api.middleware.fault [req-4ca2c204-2921-4421-aceb-a1b0037759d1 895a2cab60e449939bc1764458f305a3 3a85e4a722e64171be1f495f3c47ccc8 - - -] Caught error: Not enough information to determine URL. Provide either auth_url or endpoint
2016-01-25 08:54:34.941 2527 INFO cinder.api.middleware.fault [req-4ca2c204-2921-4421-aceb-a1b0037759d1 895a2cab60e449939bc1764458f305a3 3a85e4a722e64171be1f495f3c47ccc8 - - -] http://192.0.2.6:8776/v2/3a85e4a722e64171be1f495f3c47ccc8/os-quota-sets/3a85e4a722e64171be1f495f3c47ccc8/defaults returned with HTTP 500
Comment 9 Eric Harney 2016-02-09 11:26 EST
Created attachment 1122447 [details]
log excerpt from python-cinder-7.0.1-5.el7ost.noarch modified to fix logging

After modifying cinder/api/middleware/fault.py FaultWrapper _error to use LOG.exception for "Caught error", I see this error:

# cinder quota-defaults admin
ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-3c9e8a28-ffa2-4019-9968-f30fefac8097)

# rpm -q python-cinder
python-cinder-7.0.1-5.el7ost.noarch
Comment 10 Eric Harney 2016-02-09 11:35:05 EST
The current issue, fixed by the upstream patch 262162, is that Cinder only works w/ keystoneclient v3.  Will backport this additional fix to remedy that problem.
Comment 11 Eric Harney 2016-02-10 08:51:51 EST
*** Bug 1305926 has been marked as a duplicate of this bug. ***
Comment 13 lkuchlan 2016-02-14 05:07:20 EST
Tested using:
python-cinderclient-1.5.0-1.el7ost.noarch
openstack-cinder-7.0.1-6.el7ost.noarch
python-cinder-7.0.1-6.el7ost.noarch

Results:

[stack@instack ~]$ cinder quota-defaults bb5b83f3957140dab90527540e28f07a
+----------------------+-------+
|       Property       | Value |
+----------------------+-------+
|   backup_gigabytes   |  1000 |
|       backups        |   10  |
|      gigabytes       |  1000 |
| per_volume_gigabytes |   -1  |
|      snapshots       |   10  |
|       volumes        |   10  |
+----------------------+-------+
Comment 14 errata-xmlrpc 2016-04-07 17:16:51 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-0603.html

Note You need to log in before you can comment on or make changes to this bug.