Re: [openstack-dev] [Congress] New bug for Mitaka: Glance authentication fails after token expiry
+1 for using keystone sessions, I have already raised a patch for the same. https://review.openstack.org/#/c/299121/ Any comments are welcome :) Best Regards, Anusha On 30 March 2016 at 11:33, Kairat Kushaevwrote: > Hi, > I proposed a fix for that: https://review.openstack.org/299136. > Looking forward for yout feedback in that. > > I also reviewed Congress patch a bit and I am wondering if Keystone > sessions is appropriate approach to work with client in services like > Congress. > > > > Best regards, > Kairat Kushaev > > On Tue, Mar 29, 2016 at 10:56 PM, Nikhil Komawar > wrote: > >> Thanks for bringing this up Eric! >> >> On 3/29/16 4:01 PM, Eric K wrote: >> > I just discovered a bug that¹s probably been around a long time but >> hidden >> > by exception suppression. >> https://bugs.launchpad.net/congress/+bug/1563495 >> > When an auth attempt fails due to token expiry, Congress Glance driver >> > obtains a new token from keystone and sets it in Glance client, but for >> > some reason, Glance client continues to use the expired token and fails >> to >> > authenticate. Glance data stops flowing to Congress. It might explain >> the >> > issue Bryan Sullivan ran into >> > ( >> http://lists.openstack.org/pipermail/openstack-dev/2016-February/087364.ht >> > ml). >> > >> > I haven¹t been able to nail down whether it¹s a Congress datasource >> driver >> > issue or a Glance client issue. A few more eyes on it would be great. >> > Thanks! >> > >> > >> > >> > >> __ >> > OpenStack Development Mailing List (not for usage questions) >> > Unsubscribe: >> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> -- >> >> Thanks, >> Nikhil >> >> >> __ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: >> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Congress] New bug for Mitaka: Glance authentication fails after token expiry
Hi, I proposed a fix for that: https://review.openstack.org/299136. Looking forward for yout feedback in that. I also reviewed Congress patch a bit and I am wondering if Keystone sessions is appropriate approach to work with client in services like Congress. Best regards, Kairat Kushaev On Tue, Mar 29, 2016 at 10:56 PM, Nikhil Komawarwrote: > Thanks for bringing this up Eric! > > On 3/29/16 4:01 PM, Eric K wrote: > > I just discovered a bug that¹s probably been around a long time but > hidden > > by exception suppression. > https://bugs.launchpad.net/congress/+bug/1563495 > > When an auth attempt fails due to token expiry, Congress Glance driver > > obtains a new token from keystone and sets it in Glance client, but for > > some reason, Glance client continues to use the expired token and fails > to > > authenticate. Glance data stops flowing to Congress. It might explain the > > issue Bryan Sullivan ran into > > ( > http://lists.openstack.org/pipermail/openstack-dev/2016-February/087364.ht > > ml). > > > > I haven¹t been able to nail down whether it¹s a Congress datasource > driver > > issue or a Glance client issue. A few more eyes on it would be great. > > Thanks! > > > > > > > > > __ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: > openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -- > > Thanks, > Nikhil > > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Congress] New bug for Mitaka: Glance authentication fails after token expiry
Thanks for bringing this up Eric! On 3/29/16 4:01 PM, Eric K wrote: > I just discovered a bug that¹s probably been around a long time but hidden > by exception suppression. https://bugs.launchpad.net/congress/+bug/1563495 > When an auth attempt fails due to token expiry, Congress Glance driver > obtains a new token from keystone and sets it in Glance client, but for > some reason, Glance client continues to use the expired token and fails to > authenticate. Glance data stops flowing to Congress. It might explain the > issue Bryan Sullivan ran into > (http://lists.openstack.org/pipermail/openstack-dev/2016-February/087364.ht > ml). > > I haven¹t been able to nail down whether it¹s a Congress datasource driver > issue or a Glance client issue. A few more eyes on it would be great. > Thanks! > > > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Thanks, Nikhil __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Congress] New bug for Mitaka: Glance authentication fails after token expiry
I just discovered a bug that¹s probably been around a long time but hidden by exception suppression. https://bugs.launchpad.net/congress/+bug/1563495 When an auth attempt fails due to token expiry, Congress Glance driver obtains a new token from keystone and sets it in Glance client, but for some reason, Glance client continues to use the expired token and fails to authenticate. Glance data stops flowing to Congress. It might explain the issue Bryan Sullivan ran into (http://lists.openstack.org/pipermail/openstack-dev/2016-February/087364.ht ml). I haven¹t been able to nail down whether it¹s a Congress datasource driver issue or a Glance client issue. A few more eyes on it would be great. Thanks! __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev