[Yahoo-eng-team] [Bug 1545960] [NEW] authenticating with ldap user fails due to notification
Public bug reported: I setup a non-default domain with an LDAP backend, with emails as usernames. This caused ldap user authentication to fail: 2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: url=ldap://bluepages.ibm.com 2016-02-16 02:49:48.311 _common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:579 2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: use_tls=False tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1 2016-02-16 02:49:48.311 _common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:583 2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP search: base=ou=bluepages,o=ibm.com scope=2 filterstr=(&(mail=steve...@ca.ibm.com)(objectClass=ibmPerson)(uid=*)) attrs=['mail', 'userPassword', 'enabled', 'uid'] attrsonly=0 2016-02-16 02:49:48.311 search_s /opt/stack/keystone/keystone/common/ldap/core.py:938 2016-02-16 02:49:48.418 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP unbind 2016-02-16 02:49:48.418 unbind_s /opt/stack/keystone/keystone/common/ldap/core.py:911 2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] ID Mapping - Domain ID: f661d8c0c14848f5909cf5229a473377, Default Driver: False, Domains: False, UUIDs: False, Compatible IDs: True 2016-02-16 02:49:48.420 _set_domain_id_and_mapping /opt/stack/keystone/keystone/identity/core.py:577 2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Local ID: 011918649 2016-02-16 02:49:48.420 _set_domain_id_and_mapping_for_single_ref /opt/stack/keystone/keystone/identity/core.py:595 2016-02-16 02:49:48.425 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Found existing mapping to public ID: 2165702f085e15ff59308d8723df016d75fdd07e9af527a881b87812278e5068 2016-02-16 02:49:48.425 _set_domain_id_and_mapping_for_single_ref /opt/stack/keystone/keystone/identity/core.py:608 2016-02-16 02:32:22.650 17136 ERROR keystone.common.wsgi [req-0fb5bb7b-2ba1-4ced-a814-71bd53939d46 - - - - -] 'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi Traceback (most recent call last): 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/common/wsgi.py", line 247, in __call__ 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi result = method(context, **params) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/auth/controllers.py", line 396, in authenticate_for_token 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi self.authenticate(context, auth_info, auth_context) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/auth/controllers.py", line 520, in authenticate 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi auth_context) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/auth/plugins/password.py", line 36, in authenticate 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi password=user_info.password) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/common/manager.py", line 124, in wrapped 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi __ret_val = __f(*args, **kwargs) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/notifications.py", line 555, in wrapper 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi initiator = _get_request_audit_info(context, user_id) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/notifications.py", line 521, in _get_request_audit_info 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi initiator.id = utils.resource_uuid(user_id) 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/opt/stack/keystone/keystone/common/utils.py", line 60, in resource_uuid 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi return uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi File "/usr/lib/python2.7/uuid.py", line 567, in uuid5 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi hash = sha1(namespace.bytes + name).digest() 2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi UnicodeDecodeError: 'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128) ** Affects: keystone Importance: High Assignee: Steve Martinelli (stevemar) Status: New ** Changed in:
[Yahoo-eng-team] [Bug 1429566] Re: misused region / region_id in EP
per the comments in that patch, no bother to fix this. ** Changed in: keystone Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1429566 Title: misused region / region_id in EP Status in OpenStack Identity (keystone): Won't Fix Bug description: Checked from the current IMPL in EP, 'region_id' has the same meaning with 'region', and region with the context actaully means 'region_id'. https://github.com/openstack/keystone/blob/master/keystone/catalog/backends/sql.py#L333 endpoint['region'] = endpoint['region_id'] But, region and region_id is not used in a consistent way, for example, Table definition, region_id is used, https://github.com/openstack/keystone/blob/master/keystone/catalog/backends/sql.py#L76 Upgrade or downgrade scripts, region is used, https://github.com/openstack/keystone/blob/master/keystone/common/sql/migrate_repo/versions/042_endpoint_enabled.py#L126 EP in the catalog when using SQL as the backend, both region and region_id are presented in the catalog, this seems is not necessary. https://github.com/openstack/keystone/blob/master/keystone/catalog/backends/sql.py#L333 while using the template as the backend, only region is presented in the catalog, https://github.com/openstack/keystone/blob/master/keystone/catalog/core.py#L487 some code cleanup will help to give a consistent way to use region or region_id. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1429566/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1542962] Re: DHCP agent RuntimeError when dnsmasq_config_file is not given
** Changed in: neutron Status: In Progress => Opinion -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1542962 Title: DHCP agent RuntimeError when dnsmasq_config_file is not given Status in neutron: Opinion Bug description: DHCP agent RuntimeError when is not given To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1542962/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1525780] Re: neutron-openvswitch-agent fails to terminate on SIGTERM when of_interface=native
Reviewed: https://review.openstack.org/257204 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=f01affa0935026f001916f41514b9ff12fa73bb1 Submitter: Jenkins Branch:master commit f01affa0935026f001916f41514b9ff12fa73bb1 Author: IWAMOTO ToshihiroDate: Mon Dec 14 17:02:00 2015 +0900 Call Ryu's clean up function when ovs_neutron_agent.main terminates When the of_interface=native configuration is active, Ryu's event loop must be explicitly terminated. Change-Id: I28779cf0da6a9b369922566998ec388679593819 Closes-bug: 1525780 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1525780 Title: neutron-openvswitch-agent fails to terminate on SIGTERM when of_interface=native Status in neutron: Fix Released Bug description: The summary says everything. It is due to Ryu's event loop handling. The following patch revealed this bug: https://review.openstack.org/#/c/231351/4/ To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1525780/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1544821] Re: keyston: redundent ldap url do not got to failover one when firewall silently drops packets
changing this to keystone instead of keystoneauth. not entirely sure what we can do about this, we simply pass the options down to openldap ** Also affects: keystone Importance: Undecided Status: New ** Changed in: keystoneauth Status: New => Invalid ** Tags removed: keystone -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1544821 Title: keyston: redundent ldap url do not got to failover one when firewall silently drops packets Status in OpenStack Identity (keystone): New Status in keystoneauth: Invalid Bug description: Actual Problem while a list of LDAP servers is possible there isn't a built-in timeout mechanism in Keystone to failover to the next LDAP server in the list if there is no response. Try setting your first LDAP server in the list to a server which will not respond on 636 i.e. behind a firewall that silently drops packets. What you will find is Keystone will hang waiting for a connection timeout and keystone authentication will timeout. Replicated the issue and here is the result ++ My keystone auth config for the domain /etc/keystone/domains/keystone.LAB.conf ~~~ [ldap] url = ldaps://ipb.test.com,ldaps://ipa.test.com user = uid=svc-ldap,cn=users,cn=accounts,dc=test,dc=com user_filter = (memberOf=cn=grp-openstack,cn=groups,cn=accounts,dc=test,dc=com) password = redhat user_tree_dn = cn=users,cn=accounts,dc=test,dc=com ~~~ Both of the ldap server are IPA When it works and goes to ldaps://ipa.test.com - When we stop IPA service on ipb.test.com - When we shutdown the ldap/ldaps port on ipb.test.com When it do not work - Drop the packet like # ipatables -I INPUT -s OSP-Controller -j DROP - Network stop responding ** But its work well when it " Destination Host Unreachable" (Manually delete the arp from the table) To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1544821/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545455] Re: devstack issue: OSError: [Errno 2] No such file or directory: '/opt/stack/horizon/openstack_dashboard/themes/webroot'
i got it fixed by myself by re-do everything. remove existing folders: devstack , stack. then as following steps to re-do: 1. Download DevStack (i am using root user) cd /opt git clone https://git.openstack.org/openstack-dev/devstack note: if error occurs, its better to remove the existing files and re-download. 2. Add stack user, even you already created stack user, you can run the command. cd /opt/devstack/tools ./create-stack-user.sh 3. Change the ownership to stack. cd /opt/ chown -R stack:stack /opt/devstack 4. switch to stack user (password is stack) su stack 5. Additional changes, which block me for several days. i have to edit /opt/devstack/stackrc file, change the line GIT_BASE=${GIT_BASE:-git://git.openstack.org} to GIT_BASE=${GIT_BASE:-https://git.openstack.org}, as the git:// is not available to me. (i am in China) 6. run stack.sh (remember now i am using stack user) cd /opt/devstack ./stack.sh Note: this will take a few hours to complete download. if error occurs, you can re-run ./stack.sh, as it will continue downloading the incomplete files, instead start from scratch. 7. once step 6 completed successfully, you will be able see log, saying how long stack.sh completed 8. now you can goto browser to login the dashboard. http://127.0.0.1:9080/dashboard ** Changed in: horizon Status: New => Invalid ** Changed in: horizon Assignee: (unassigned) => kaishen (kaishen-yang) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545455 Title: devstack issue: OSError: [Errno 2] No such file or directory: '/opt/stack/horizon/openstack_dashboard/themes/webroot' Status in OpenStack Dashboard (Horizon): Invalid Bug description: hi Team, i am new to Openstack, i am trying with Devstack. I am following the guide lines to setup devstack in one Virtual box machine (Ubuntu 14.04.3-server-amd64). when i run ./stack.sh, I always get error from console like following: -- 2016-02-14 13:41:15.957 | Starting Horizon + /opt/devstack/lib/horizon:init_horizon:L141: sudo rm -f '/var/log/apache2/horizon_*' + /opt/devstack/lib/horizon:init_horizon:L144: local django_admin + /opt/devstack/lib/horizon:init_horizon:L145: type -p django-admin + /opt/devstack/lib/horizon:init_horizon:L146: django_admin=django-admin + /opt/devstack/lib/horizon:init_horizon:L152: DJANGO_SETTINGS_MODULE=openstack_dashboard.settings + /opt/devstack/lib/horizon:init_horizon:L152: django-admin collectstatic --noinput Traceback (most recent call last): File "/usr/local/bin/django-admin", line 11, in sys.exit(execute_from_command_line()) File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 354, in execute_from_command_line utility.execute() File "/usr/local/lib/python2.7/dist-packages/django/core/management/__init__.py", line 346, in execute self.fetch_command(subcommand).run_from_argv(self.argv) File "/usr/local/lib/python2.7/dist-packages/django/core/management/base.py", line 394, in run_from_argv self.execute(*args, **cmd_options) File "/usr/local/lib/python2.7/dist-packages/django/core/management/base.py", line 445, in execute output = self.handle(*args, **options) File "/usr/local/lib/python2.7/dist-packages/django/contrib/staticfiles/management/commands/collectstatic.py", line 168, in handle collected = self.collect() File "/usr/local/lib/python2.7/dist-packages/django/contrib/staticfiles/management/commands/collectstatic.py", line 98, in collect for path, storage in finder.list(self.ignore_patterns): File "/usr/local/lib/python2.7/dist-packages/django/contrib/staticfiles/finders.py", line 112, in list for path in utils.get_files(storage, ignore_patterns): File "/usr/local/lib/python2.7/dist-packages/django/contrib/staticfiles/utils.py", line 28, in get_files directories, files = storage.listdir(location) File "/usr/local/lib/python2.7/dist-packages/django/core/files/storage.py", line 299, in listdir for entry in os.listdir(path): OSError: [Errno 2] No such file or directory: '/opt/stack/horizon/openstack_dashboard/themes/webroot' + /opt/devstack/lib/horizon:init_horizon:L1: exit_trap + ./stack.sh:exit_trap:L474: local r=1 ++ ./stack.sh:exit_trap:L475: jobs -p + ./stack.sh:exit_trap:L475: jobs= + ./stack.sh:exit_trap:L478: [[ -n '' ]] + ./stack.sh:exit_trap:L484: kill_spinner + ./stack.sh:kill_spinner:L370: '[' '!' -z '' ']' + ./stack.sh:exit_trap:L486: [[ 1 -ne 0 ]] + ./stack.sh:exit_trap:L487: echo 'Error on exit' Error on exit + ./stack.sh:exit_trap:L488: generate-subunit 1455456924 353 fail + ./stack.sh:exit_trap:L489:
[Yahoo-eng-team] [Bug 1545892] [NEW] Missing backdrop on "Add Group Assignment" modal
Public bug reported: All if not most modal have semi-opaque backdrops. The Add-Group- Assignment modal does not have one. Reproduce: 1. Go to Identity > Groups. 2. Click click "Manage Members" for any particular group from the table. 3. Click on "Add Users". Expected: Has a semi-opaque backdrop behind the modal. Actual: Has no semi-opaque backdrop behind the modal. ** Affects: horizon Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545892 Title: Missing backdrop on "Add Group Assignment" modal Status in OpenStack Dashboard (Horizon): New Bug description: All if not most modal have semi-opaque backdrops. The Add-Group- Assignment modal does not have one. Reproduce: 1. Go to Identity > Groups. 2. Click click "Manage Members" for any particular group from the table. 3. Click on "Add Users". Expected: Has a semi-opaque backdrop behind the modal. Actual: Has no semi-opaque backdrop behind the modal. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545892/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1531011] Re: When firewall rule is inserted/deleted from a policy, notifications are not generated
Reviewed: https://review.openstack.org/271552 Committed: https://git.openstack.org/cgit/openstack/neutron-fwaas/commit/?id=79237e5080e579272101fb198ff0d48ae72c3a98 Submitter: Jenkins Branch:master commit 79237e5080e579272101fb198ff0d48ae72c3a98 Author: Paddu KrishnanDate: Thu Jan 21 18:37:46 2016 -0800 Send Notifications for Firewall policy updates Currently notifications are generated for the following: a. When a Firewall is created/deleted b. when a rule is created/deleted/modified c. When a policy is created/deleted. But, after a policy is created, when rules are inserted or removed from a policy, no notifications are generated. These notifications refer to the audit logs for fwaas operations performed by a user. The proposed fix is similar to how notifications are generated for interfaces added or deleted to router and DHCP agent notifications. Change-Id: I7242867e41abc625eb1085983118c09a28249b85 Closes-Bug: #1531011 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1531011 Title: When firewall rule is inserted/deleted from a policy, notifications are not generated Status in neutron: Fix Released Bug description: For Firewall, Rabbitmq Notifications are generated for the following: When a Firewall is created/deleted when a rule is created/deleted/modified When a policy is created/deleted. But, after a policy is created, when rules are inserted or removed from a policy, no notifications are generated. The following is the screen shot when a firewall is deleted, captured using rabbitmqadmin (an example to indicate what notifications is referred here). This issue is found in both Kilo and Juno. | routing_key | exchange | message_count | payload | payload_bytes | payload_encoding | redelivered | +---+--+---+ +---+--+-+ | Test_neutron_notify.info | neutron | 1 | {"_context_roles": ["_member_", "admin"], "_context_request_id": "req-4170bbcc-b467-4686-a97f-38324fc54bc5", "event_type": "firewall.delete.start", "timestamp": "2016-01-04 22:28:27.885535", "_context_tenant_id": "2028fe85b5ef4cffa1a9a88a39a37787", "_context_user": "22fab1c0e5534e1099a42fb85286c922", "_unique_id": "93de171182df4b00a77be4e1b9ea02da", "_context_tenant_name": "KLPROJ", "_context_user_id": "22fab1c0e5534e1099a42fb85286c922", "payload": {"firewall_id": "ddce3c3c-5a5c-48e1-8d44-612b21c96033"}, "_context_project_name": "KLPROJ", "_context_read_deleted": "no", "_context_auth_token": "b1166ae3cbb4419ca9983c3cf8895ed0", "_context_tenant": "2028fe85b5ef4cffa1a9a88a39a37787", "priority": "INFO", "_context_is_admin": true, "_context_project_id":
[Yahoo-eng-team] [Bug 1545370] Re: pycryptodome breaks nova/barbican/glance/kite
Reviewed: https://review.openstack.org/279909 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=1fd0f4f69b21cbd20c0eb0e2f8f4506061f4a211 Submitter: Jenkins Branch:master commit 1fd0f4f69b21cbd20c0eb0e2f8f4506061f4a211 Author: Davanum SrinivasDate: Sat Feb 13 21:22:54 2016 -0500 Tolerate installation of pycryptodome Newer versions of pysaml2 uses pycryptodome, so if by accident if this library gets installed, Nova breaks. paramiko folks are working on this: https://github.com/paramiko/paramiko/issues/637 In the meanwhile, we should tolerate if either pycrypto or pycryptodome is installed. Closes-Bug: #1545370 Change-Id: If88beeb3983705621fe736995939ac20b2daf1f3 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1545370 Title: pycryptodome breaks nova/barbican/glance/kite Status in Barbican: New Status in Glance: New Status in OpenStack Compute (nova): Fix Released Bug description: pysaml2===4.0.3 drags in pycryptodome===3.4 which breaks Nova in the both unit tests and grenade. nova.tests.unit.test_crypto.KeyPairTest.test_generate_key_pair_1024_bits Captured traceback: ~~~ Traceback (most recent call last): File "nova/tests/unit/test_crypto.py", line 352, in test_generate_key_pair_1024_bits (private_key, public_key, fingerprint) = crypto.generate_key_pair(bits) File "nova/crypto.py", line 165, in generate_key_pair key = paramiko.RSAKey.generate(bits) File "/Users/dims/openstack/openstack/nova/.tox/py27/lib/python2.7/site-packages/paramiko/rsakey.py", line 146, in generate rsa = RSA.generate(bits, os.urandom, progress_func) File "/Users/dims/openstack/openstack/nova/.tox/py27/lib/python2.7/site-packages/Crypto/PublicKey/RSA.py", line 436, in generate if e % 2 == 0 or e < 3: TypeError: unsupported operand type(s) for %: 'NoneType' and 'int' To manage notifications about this bug go to: https://bugs.launchpad.net/barbican/+bug/1545370/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545861] [NEW] Hz-table-controller should return only selected items
Public bug reported: Hz-table-controller currently returns a map of items that were checked/unchecked. We then have to manually filter through this list to get the selected items. To make matters more confusing, this map is wrongly called selected. Misleading 'selected' property: https://github.com/openstack/horizon/blob/master/horizon/static/framework/widgets/table/table.controller.js#L34 Manually filtering example: https://github.com/openstack/horizon/blob/master/openstack_dashboard/static/app/core/images/actions/batch-delete.service.js#L77 ** Affects: horizon Importance: Medium Assignee: Thai Tran (tqtran) Status: New ** Description changed: Hz-table-controller currently returns a map of items that were checked/unchecked. We then have to manually filter through this list to - get the selected items. To make matters worse, this map is wrongly - called selected. + get the selected items. To make matters more confusing, this map is + wrongly called selected. + + Misleading 'selected' property: https://github.com/openstack/horizon/blob/master/horizon/static/framework/widgets/table/table.controller.js#L34 + Manually filtering example: https://github.com/openstack/horizon/blob/master/openstack_dashboard/static/app/core/images/actions/batch-delete.service.js#L77 -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545861 Title: Hz-table-controller should return only selected items Status in OpenStack Dashboard (Horizon): New Bug description: Hz-table-controller currently returns a map of items that were checked/unchecked. We then have to manually filter through this list to get the selected items. To make matters more confusing, this map is wrongly called selected. Misleading 'selected' property: https://github.com/openstack/horizon/blob/master/horizon/static/framework/widgets/table/table.controller.js#L34 Manually filtering example: https://github.com/openstack/horizon/blob/master/openstack_dashboard/static/app/core/images/actions/batch-delete.service.js#L77 To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545861/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545312] Re: keystone install : unmet dependencies
** Changed in: keystone Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1545312 Title: keystone install : unmet dependencies Status in OpenStack Identity (keystone): Invalid Status in keystone package in Ubuntu: New Bug description: Working with ubuntu 14.04 image When installing keystone with the following command: apt-get install -y keystone apache2 libapache2-mod-wsgi memcached python-memcache python-openstackclient It tells me the following packages have unmet dependences: keystone : Depends: python-keystone (= 2:8.0.1-0ubuntu1~cloud0) but 1:2014.1.5-0ubuntu1 is to be installed python-openstackclient: Depends: python-cinderclient (>= 1:1.3.1) but 1:1.0.8-0ubuntu2 is to be installed Depends: python-glanceclient (>= 1:0.18.0) but 1:0.12.0-0ubuntu1 is to be installed Depends: python-keystoneclient(>= 1:1.6.0) but 1:0.7.1-ubuntu1.3 is to be installed Depends: python-neutronclient(>= 1:2.6.0) but it is not going to be installed Depends: python-novaclient(>= 2:2.28.1) but 1:2.17.0-0ubuntu1.2 is to be installed Depends: python-oslo-serialization (>= 1.2.0) but it is not going to be installed Depends: python-oslo.utils (>= 2.0.0) but it is not going to be installed aptitude tells me that python-keystone has the following dependences that are unavailable or unsatisfied: python-cryptography (>= 1.0) (unavailable) python-keystoneclient (>= 1:1.6.0) (unsatisfied) python-keystonemiddleware (>= 2.0.0) (unsatisfied) python-migrate (>= 0.9.6) (unsatisfied) python-msgpack(>=0.4.0) (unavailable) python-oslo.concurrency (>= 2.3.0) (unsatisfied) python-oslo.config(>= 1:2.3.0) (unsatisfied) python-oslo.context(>= 0.2.0) (unsatisfied) python-oslo.db (>=2.4.1) (unsatisfied) python-oslo.i18n (>= 1.5.0) (unsatisfied) python-oslo.log (>= 1.8.0) (unsatisfied) python-oslo.messaging (>= 1.16.0) (unsatisfied) python-oslo.middalware (>= 2.8.0) (unsatisfied) python-oslo.policy(>= 0.5.0) (unsatisfied) python-oslo.serialization (>= 1.4.0) (unsatisfied) python-oslo.service (>= 0.7.0) (unsatisfied) python-oslo.utils (= 2.0.0) (unsatisfied) python-pycadf (>= 1.1.0) (unsatisfied) python-pysaml2 (>= 2.4.0) (unsatisfied) python-sqlalchemy (>= 1.0~) (unsatisfied) To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1545312/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1544313] Re: LBaaSv2 agent schedules LB's to agents that are offline
If I wait longer than 75 seconds, the LB gets scheduled to an agent that's alive every time. We can close this bug. ** Changed in: neutron Status: Incomplete => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1544313 Title: LBaaSv2 agent schedules LB's to agents that are offline Status in neutron: Invalid Bug description: When I create load balancers via the LBaaSv2 agent, the load balancer will be scheduled to an agent that is offline. I'm not sure if this occurs in Mitaka, but it is happening with the latest commits from Liberty. To reproduce: * Ensure you have two neutron lbaasv2 agents running, one on each server * Stop one of the agents * Use neutron lbaas-loadbalancer-create to create two new load balancers * One will be PENDING_CREATE since it was scheduled to the agent that is down I would expect that the load balancer would be scheduled to an agent that is online. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1544313/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545153] Re: BadRequest: Invalid input for dns_name. Name must not start or end with a hyphen.
Reviewed: https://review.openstack.org/279799 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=7e79d83641545e8134a2a142ade8a2fc0b96eade Submitter: Jenkins Branch:master commit 7e79d83641545e8134a2a142ade8a2fc0b96eade Author: Matthew TreinishDate: Fri Feb 12 16:21:37 2016 -0500 Reorder name normalization for DNS Having the truncation step as the last one meant we could truncate to a trailing hyphen. This could potential cause a failure for an invalid name. This commit reorders the normalization to put the truncation as the first step which should avoid that problem. Change-Id: I2219f6c73d882efc787127f02fda937f3e3b44eb Closes-Bug: #1545153 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1545153 Title: BadRequest: Invalid input for dns_name. Name must not start or end with a hyphen. Status in OpenStack Compute (nova): Fix Released Bug description: I'm seeing this in a tempest job run: http://logs.openstack.org/21/279721/3/check/gate-tempest-dsvm-neutron- full/8292a4a/logs/screen-n-cpu.txt.gz?level=TRACE#_2016-02-12_19_46_26_529 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [req-bb911afc-2a34-4812-8c83-0bb6eabc527f tempest-TestSecurityGroupsBasicOps-630833589 tempest-TestSecurityGroupsBasicOps-22256548] [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] Neutron error creating port on network 6796595c-c739-4080-b8a9-997f6936208c 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] Traceback (most recent call last): 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/opt/stack/new/nova/nova/network/neutronv2/api.py", line 255, in _create_port 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] port = port_client.create_port(port_req_body) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 100, in with_params 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] ret = self.function(instance, *args, **kwargs) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 525, in create_port 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] return self.post(self.ports_path, body=body) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 271, in post 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] headers=headers, params=params) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 206, in do_request 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] self._handle_fault_response(status_code, replybody) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 182, in _handle_fault_response 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] exception_handler_v20(status_code, des_error_body) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] File "/usr/local/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 69, in exception_handler_v20 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] status_code=status_code) 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] BadRequest: Invalid input for dns_name. Reason: 'tempest-server-tempest-testsecuritygroupsbasicops-22256548-gen-' not a valid PQDN or FQDN. Reason: Name 'tempest-server-tempest-testsecuritygroupsbasicops-22256548-gen-' must not start or end with a hyphen.. 2016-02-12 19:46:26.529 19015 ERROR nova.network.neutronv2.api [instance: 25bf790e-cc4b-42fa-99f2-38f9bb7a004b] 2016-02-12
[Yahoo-eng-team] [Bug 1522172] Re: add the new precommit event for security groups
Reviewed: https://review.openstack.org/252755 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c24e9da2f82676d9b9d8c28018bf49c8a294121b Submitter: Jenkins Branch:master commit c24e9da2f82676d9b9d8c28018bf49c8a294121b Author: Yalei WangDate: Thu Dec 3 21:38:16 2015 +0800 Add precommit_XXX event for security group and rules Current BEFORE_CREATE/DELETE/UPDATE event is outside of the DB transaction. Unlike the precommit primitive in ML2 mech drivers, they don't work in the same DB transaction of resource, so if we want to operate the DB in mech driver related to security group, there would be more unsync issues if we use BEFORE_XXX event directly. Moving the BEFORE_XXX event inside may also break some current codes, as maybe RPC call included. This patch adds new PRECOMMIT_CREATE/DELETE/UPDATE event type for callback function, and use it in the securitygroup/rules DB transaction. PRECOMMIT_XXX is in the DB transaction and only purpose is to do DB operations in its callback. A CallbackFailure will be triggered when exception comes from the callback of the new event. Change-Id: Icd2849bd84dab6733a572e8c85f242afcefc6c78 Closes-Bug: #1522172 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1522172 Title: add the new precommit event for security groups Status in neutron: Fix Released Bug description: Neutron has already been able to make the agentless driver receive the security group BEFORE/AFTER event by neutron callback logic. But this logic still lacks the precommit function, like in Ml2 mechanism driver, which guarantees that the mechanism driver DB and neutron DB operation are in the same transaction. Because the MD may want to have the event callback function and hope its own DB operation in the same transaction with neutron securitygroup db. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1522172/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545695] Re: L3 agent: traceback is suppressed on floating ip setup failure
Reviewed: https://review.openstack.org/280194 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3188b458fd29bbd7711277bc337c0dacbaab4b9e Submitter: Jenkins Branch:master commit 3188b458fd29bbd7711277bc337c0dacbaab4b9e Author: Oleg BondarevDate: Mon Feb 15 15:39:59 2016 +0300 L3 agent: log traceback on floating ip setup failure Currently l3 agent suppresses exception traceback and just raises new FloatingIpSetupException so it's impossible to see actual issue from logs. The patch adds LOG.exception() to the exception handler before reraising. Closes-Bug: #1545695 Change-Id: Ia4557473c7e362f98a564475527b97ee6d0178f9 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1545695 Title: L3 agent: traceback is suppressed on floating ip setup failure Status in neutron: Fix Released Bug description: Following traceback says nothing about actual exception and makes it hard to debug issues: 2016-02-10 05:26:54.025 682 ERROR neutron.agent.l3.router_info [-] L3 agent failure to setup floating IPs 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info Traceback (most recent call last): 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 604, in process_external 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info fip_statuses = self.configure_fip_addresses(interface_name) 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 268, in configure_fip_addresses 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info raise n_exc.FloatingIpSetupException('L3 agent failure to setup ' 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info FloatingIpSetupException: L3 agent failure to setup floating IPs Need to log actual exception with traceback before reraising. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1545695/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545042] Re: New i9n tests exceptions_captured context manager introduce a bug in failure reports
Reviewed: https://review.openstack.org/279614 Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=d1f08df329da7561142757ac292fd426782f0608 Submitter: Jenkins Branch:master commit d1f08df329da7561142757ac292fd426782f0608 Author: Timur SufievDate: Fri Feb 12 18:43:50 2016 +0300 Fix exceptions_captured manager in i9n tests Recently introduced manager handled only 'bad' failure scenarios when Selenium became non responsive and caused again cryptic failures for failures that were perfectly reported before exceptions_captured introduction. Now both kind of (responsive and non responsive Selenium) failures are addressed inside it. Change-Id: I564b5e8b35fb2e84c27374bcac8a49cb6262b058 Closes-Bug: #1545042 ** Changed in: horizon Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545042 Title: New i9n tests exceptions_captured context manager introduce a bug in failure reports Status in OpenStack Dashboard (Horizon): Fix Released Bug description: If test fails in a non-fatal for Selenium way and it's still able to fetch page source/ browser log/ screenshot that data is not added to TestCase reports because of lines like https://github.com/openstack/horizon/blob/master/openstack_dashboard/test/integration_tests/helpers.py#L127 where `content` gets thrown away once we return from block https://github.com/openstack/horizon/blob/master/openstack_dashboard/test/integration_tests/helpers.py#L106 To mitigate that we need to use a container instead of single reference. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545042/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545789] Re: keystone ADMIN_TOKEN set by default can lead to default insecure deployment
Agreed on the B1 (insecure default value), and I added an OSSN task for an eventual Security Note. Thank! ** Also affects: ossn Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1545789 Title: keystone ADMIN_TOKEN set by default can lead to default insecure deployment Status in OpenStack Identity (keystone): Triaged Status in OpenStack Security Notes: New Bug description: The Keystone configuration sets the ADMIN_TOKEN option to "ADMIN" by default, which means that unless the deployment specifically changes this value to a secure value, the filter "admin_auth_token" will accept the value of "ADMIN" as an all-access administrative token for the openstack deployment (when interacting with keystone). https://github.com/openstack/keystone/blob/406fbfaa2689255fb54cf1eb07403f392c735c53/keystone/common/config.py#L49-L56 The fix will be to make this value "None" by default, and if the option is unset, the "admin_token_auth" filter will simply pass, continuing to allow normal credentials to work. This is a CLASS B1 (my assessment) https://security.openstack.org/vmt- process.html#incident-report-taxonomy This bug was opened so we can issue an OSSA/OSSN with the fix. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1545789/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545814] [NEW] Tablecontroller should use ctrl instead of scope
Public bug reported: horizon.framework.widgets.table.controller:TableController currently uses $scope for selected and numSelected. It should use ctrl as suggested by JP's guide. ** Affects: horizon Importance: Medium Assignee: Thai Tran (tqtran) Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545814 Title: Tablecontroller should use ctrl instead of scope Status in OpenStack Dashboard (Horizon): New Bug description: horizon.framework.widgets.table.controller:TableController currently uses $scope for selected and numSelected. It should use ctrl as suggested by JP's guide. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545814/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1542815] Re: rbac-list response will report wrong object_type
Reviewed: https://review.openstack.org/279030 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=957c21113fc5848925c13a3128a23243ee99fa30 Submitter: Jenkins Branch:master commit 957c21113fc5848925c13a3128a23243ee99fa30 Author: Kevin BentonDate: Thu Feb 11 01:47:07 2016 -0800 Get rid of UnionModel for RBAC The union model approach was completely broken because it didn't keep track of which model each result actually was. This patch just strips it out and replaces get_rbac_policies with queries to each model. This will mean pagination is broken once multiple rbac types are in place, but everything else should work fine. Co-Authored-By: Haim Daniel Closes-Bug: #1542815 Change-Id: I1e91aa22d093d50e5a9d318f24d09bb65e072246 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1542815 Title: rbac-list response will report wrong object_type Status in neutron: Fix Released Bug description: This will happen when a new rbac table shall be introduced. The cause is the usage of the CommonDbMixin._union_model_query(). The current code flow joins SQL SELECT results from several rbac tables (per rbac object type). However, the resulting sqlalchemy union list from several tables contains the db_model type of the first table plus the output rows from all the other tables, causing the REST response of 'rbac-list' to contain the wrong object type. E.g: rbac-list on the following db_schema: networkrbacs table: {id=ID1, target_tenant=ID2, object_id=ID3, ...} qospolicyrbacs table: empty will result in REST response: {"target_tenant": ID2, "object_type": "qos_policy", "object_id": ID3} The issue hasn't appeared yeat, since there's only a single rbac type (network) at the moment. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1542815/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1399249] Re: Neutron openvswitch-agent doesn't recover ports from binding_failed status
Reviewed: https://review.openstack.org/162260 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=63fe3a418c685ca90077f1dd4c35fd9ccf586fca Submitter: Jenkins Branch:master commit 63fe3a418c685ca90077f1dd4c35fd9ccf586fca Author: Ihar HrachyshkaDate: Mon Mar 9 18:05:18 2015 +0100 Add the rebinding chance in _bind_port_if_needed Make function _bind_port_if_needed to bind at least one time when the port's binding status passed in is already in binding_failed. This is the second attempt to introduce the patch (the first one was reverted due to regression that broke Ironic), now with proper notification sent even when binding attempt failed. The patch also fixes several cases when we attempted to notify with a binding context that was not committed into database. The patch changes _attempt_binding to call _commit_port_binding only with the binding final state: 1. Successful binding: will just call _commit_port_binding. 2. Unsuccessful binding: will call _commit_port_binding at the final attempt to bind the port. This is in order to refrain from reverts, with will really complicate things even more. Co-Authored-By: Yalei Wang Co-Authored-By: Nir Magnezi Co-Authored-By: John Schwarz Change-Id: I437290affd8eb87177d0626bf7935a165859cbdd Closes-Bug: #1399249 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1399249 Title: Neutron openvswitch-agent doesn't recover ports from binding_failed status Status in neutron: Fix Released Bug description: Ports created when neutron-openvswitch-agent is down are in status down and "binding:vif_type=binding_failed" which is as it should be. When the agent is rebooted it should be able to recreate the ports according to the DB, but instead it logs a WARNING and creates the port with status DOWN. only solution is to delete the port and create it again From agent log: 2014-12-04 16:53:00.559 16319 WARNING neutron.plugins.openvswitch.agent.ovs_neutron_agent [req-2dcc9141-7439-450a-bb2a-fe31ab577f47 None] Device 3dc73917-93b1-4f6d-a2e1-90c74cea6de7 not defined on plugin Recreation steps: shut down ovs-agent and wait for neutron to notice: [root@RHEL7Server ~]# systemctl stop neutron-openvswitch-agent.service [root@RHEL7Server ~(keystone_admin)]# neutron agent-list | grep open | 2d97bbd1-b937-4b19-8205-4167bbcb659d | Open vSwitch agent | node_29 | xxx | True | neutron-openvswitch-agent | create router and attach it to network [root@RHEL7Server ~(keystone_admin)]# neutron router-create myrouter --ha False Created a new router: +---+--+ | Field | Value| +---+--+ | admin_state_up| True | | distributed | False| | external_gateway_info | | | ha| False| | id| 8210f453-2a17-400e-ae32-74aa1503d0a5 | | name | myrouter | | routes| | | status| ACTIVE | | tenant_id | 183611eb84204b839e43d97c081973c0 | +---+--+ [root@RHEL7Server ~(keystone_admin)]# neutron router-interface-add myrouter private Added interface 3dc73917-93b1-4f6d-a2e1-90c74cea6de7 to router myrouter. [root@RHEL7Server ~(keystone_admin)]# neutron l3-agent-list-hosting-router myrouter +--+-++---+ | id | host| admin_state_up | alive | +--+-++---+ | 0110d49c-59dd-496c-a2a3-549a2ad4ba4d | node_29 | True | :-) | +--+-++---+ Port will show status DOWN, and "binding_failed" [root@RHEL7Server ~(keystone_admin)]# neutron port-show 3dc73917-93b1-4f6d-a2e1-90c74cea6de7 +---+-+ | Field | Value | +---+-+ | admin_state_up| True
[Yahoo-eng-team] [Bug 1545789] [NEW] keystone ADMIN_TOKEN set by default can lead to default insecure deployment
*** This bug is a security vulnerability *** Public security bug reported: The Keystone configuration sets the ADMIN_TOKEN option to "ADMIN" by default, which means that unless the deployment specifically changes this value to a secure value, the filter "admin_auth_token" will accept the value of "ADMIN" as an all-access administrative token for the openstack deployment (when interacting with keystone). https://github.com/openstack/keystone/blob/406fbfaa2689255fb54cf1eb07403f392c735c53/keystone/common/config.py#L49-L56 The fix will be to make this value "None" by default, and if the option is unset, the "admin_token_auth" filter will simply pass, continuing to allow normal credentials to work. This is a CLASS B1 (my assessment) https://security.openstack.org/vmt- process.html#incident-report-taxonomy This bug was opened so we can issue an OSSA/OSSN with the fix. ** Affects: keystone Importance: Medium Assignee: Adam Young (ayoung) Status: Triaged -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1545789 Title: keystone ADMIN_TOKEN set by default can lead to default insecure deployment Status in OpenStack Identity (keystone): Triaged Bug description: The Keystone configuration sets the ADMIN_TOKEN option to "ADMIN" by default, which means that unless the deployment specifically changes this value to a secure value, the filter "admin_auth_token" will accept the value of "ADMIN" as an all-access administrative token for the openstack deployment (when interacting with keystone). https://github.com/openstack/keystone/blob/406fbfaa2689255fb54cf1eb07403f392c735c53/keystone/common/config.py#L49-L56 The fix will be to make this value "None" by default, and if the option is unset, the "admin_token_auth" filter will simply pass, continuing to allow normal credentials to work. This is a CLASS B1 (my assessment) https://security.openstack.org/vmt- process.html#incident-report-taxonomy This bug was opened so we can issue an OSSA/OSSN with the fix. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1545789/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1537267] Re: release request for networking-sfc in Mitaka time frame
It looks like this was already done, though I have no idea who did it [1]. [1] https://pypi.python.org/pypi/networking-sfc/1.0.0 ** Changed in: neutron Status: New => Confirmed ** Changed in: neutron Status: Confirmed => Fix Released ** Changed in: neutron Milestone: None => mitaka-3 -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1537267 Title: release request for networking-sfc in Mitaka time frame Status in networking-sfc: New Status in neutron: Fix Released Bug description: Branch: stable/mitaka We also has stable/liberty branch for release against liberty branch code base and would like to release it too. The release of networking-sfc contains feature support for service function chaining. release version: 1.0.0 All code patches have been reviewed (open for review and collecting comments for a very long time) and merged. Test scripts have also been merged. In addition, comprehensive end-to-end integration testing within the same subnet and across different subnets with many different CLI combinations have been tested. The community project team has agreed that the codes are ready for release so that more people can give it a try and give input on future enhancement. To manage notifications about this bug go to: https://bugs.launchpad.net/networking-sfc/+bug/1537267/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1515672] Re: XenServer attach second Cinder volume failed
** Also affects: nova/liberty Importance: Undecided Status: New ** Changed in: nova/liberty Status: New => In Progress ** Changed in: nova/liberty Assignee: (unassigned) => Kevin Bringard (kbringard) ** Changed in: nova/liberty Importance: Undecided => Medium -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1515672 Title: XenServer attach second Cinder volume failed Status in OpenStack Compute (nova): Fix Released Status in OpenStack Compute (nova) liberty series: In Progress Bug description: With some Cinder backends (specifically those that provide multiple LUNs over the same IQN), XenServer cannot attach multiple disks to a VM. Openstack kilo version nova-compute 2015.1.1-1.el7 Logs from nova-compute after attaching second volume to xenserver host: 2015-11-12 18:36:50.250 996 ERROR nova.virt.block_device [req-42ee1d90-2e83-41d3-aaec-3f928170b60d cb348d90ade04049b30e2d41a985e2d4 596095f4da8b4eddbfbbe1774e762bf4 - - -] [instance: 901b2692-e337-4358-80df-8408ce626352] Driver failed to attach volume a7ce4570-e35b-4db8-9502-8c33e790280a at /dev/xvdc ... 2015-11-12 18:36:50.250 996 TRACE nova.virt.block_device [instance: 901b2692-e337-4358-80df-8408ce626352] session.call_xenapi("SR.scan", sr_ref) ... 2015-11-12 18:36:50.250 996 TRACE nova.virt.block_device [instance: 901b2692-e337-4358-80df-8408ce626352] Failure: ['SR_BACKEND_FAILURE_40', '', 'The SR scan failed [opterr=[\'INTERNAL_ERROR\', \'Db_exn.Uniqueness_constraint_violation("VDI", "uuid", "70b87c59-e01a-be46-6f43-d927e3871669")\']]', ''] Reproduction steps 1. create first cinder volume on storage array - seen with a storwize 7000. (cinder create) 2. attach that volume to instance VM reside on xenserver host (first volume attached ok). (nova volume-attach) 3. create second cinder volume on storage array. 4. attach second cinder volume to instance VM on the same xenserver host as in step 2. 5. attach second volume failed Expected result: Second volume attached ok and gets available to VM instance To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1515672/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545761] [NEW] admin_token_auth 'deprecation' actually removes it from the pipelines
Public bug reported: The admin_token_auth filter was meant to be deprecated in this commit.[1] However, instead it was removed from the pipelines in etc /keystone-paste.ini. This makes it a breaking change for consumers of the puppet modules (and probably others) that rely on the admin_token_auth filter for initial endpoint setup. We need to leave the admin_token_auth filter in those pipelines until the deprecation period is over in the O release. [1] https://github.com/openstack/keystone/commit/5286b4a297b5a94895a311a9e564aa87cb54dbfd ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1545761 Title: admin_token_auth 'deprecation' actually removes it from the pipelines Status in OpenStack Identity (keystone): New Bug description: The admin_token_auth filter was meant to be deprecated in this commit.[1] However, instead it was removed from the pipelines in etc /keystone-paste.ini. This makes it a breaking change for consumers of the puppet modules (and probably others) that rely on the admin_token_auth filter for initial endpoint setup. We need to leave the admin_token_auth filter in those pipelines until the deprecation period is over in the O release. [1] https://github.com/openstack/keystone/commit/5286b4a297b5a94895a311a9e564aa87cb54dbfd To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1545761/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1479214] Re: nova can't attach volume to specific device name
I'm marking the nova bug as won't fix since this is working as designed for the libvirt driver since liberty, the libvirt driver ignores the requested device name now. It was never really working with the requested device name, you'd just get lucky if it worked. Things are more explicit now. I've added the openstack-api-site project to this bug since we should update the volume attach API docs to note this wrinkle. ** Also affects: openstack-manuals Importance: Undecided Status: New ** Also affects: openstack-api-site Importance: Undecided Status: New ** No longer affects: openstack-manuals ** Changed in: nova Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1479214 Title: nova can't attach volume to specific device name Status in OpenStack Compute (nova): Won't Fix Status in openstack-api-site: New Bug description: Nova attach volume cli support one option named device, it can specify this volume where to mount. But it doesn't work. Volume will be attached to device which is determined by nova compute. Maybe this bug was caused at following code: https://github.com/openstack/nova/blob/c5db407bb22e453a4bca22de1860bb6ce6090782/nova/virt/libvirt/driver.py#L6823 It will ignore device name which user assign, then auto select disk from blockinfo. My nova git environment is nova: 14d00296b179fcf115cf13d37b2f0b5b734d298d To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1479214/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1488208] Re: Revoking a role assignment revokes unscoped tokens too
** Changed in: keystone/kilo Status: Fix Released => In Progress -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1488208 Title: Revoking a role assignment revokes unscoped tokens too Status in OpenStack Identity (keystone): Fix Released Status in OpenStack Identity (keystone) kilo series: In Progress Bug description: When you delete a role assignment using a user+role+project pairing, unscoped tokens between the user+project are unnecessarily revoked as well. In fact, two events are created for each role assignment deletion (one that is scoped correctly and one that is scoped too broadly). The test failure in https://review.openstack.org/#/c/216236/ illustrates this issue: http://logs.openstack.org/36/216236/1/check/gate-keystone- python27/3f44af1/ To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1488208/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545748] [NEW] API Guide source grammar and typo fixes
Public bug reported: There is a number of grammar issues and typos in the API Guide source in Nova. This bug report attempts to highlight the ones found on and around 2016-02-15 by me. commit reviewed: 278b16e Jenkins on 1/21/16 at 4:09 AM (committed by Gerrit Code Review on 1/21/16 at 4:09 AM) Merge "Make sure that we always have a parent_addr set" Review link with proposed fix to follow shortly. ** Affects: nova Importance: Undecided Assignee: Waldemar Znoinski (wznoinsk) Status: New ** Changed in: nova Assignee: (unassigned) => Waldemar Znoinski (wznoinsk) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1545748 Title: API Guide source grammar and typo fixes Status in OpenStack Compute (nova): New Bug description: There is a number of grammar issues and typos in the API Guide source in Nova. This bug report attempts to highlight the ones found on and around 2016-02-15 by me. commit reviewed: 278b16e Jenkins on 1/21/16 at 4:09 AM (committed by Gerrit Code Review on 1/21/16 at 4:09 AM) Merge "Make sure that we always have a parent_addr set" Review link with proposed fix to follow shortly. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1545748/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1542491] Re: Scheduler update_aggregates race causes incorrect aggregate information
** Tags removed: race-condition ** Changed in: ubuntu Status: New => Invalid ** Changed in: nova Status: New => Incomplete -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1542491 Title: Scheduler update_aggregates race causes incorrect aggregate information Status in OpenStack Compute (nova): Incomplete Status in Ubuntu: Invalid Bug description: It appears that if nova-api receives simultaneous requests to add a server to a host aggregate, then a race occurs that can lead to nova- scheduler having incorrect aggregate information in memory. One observed effect of this is that sometimes nova-scheduler will think a smaller number of hosts are a member of the aggregate than is in the nova database and will filter out a host that should not be filtered. Restarting nova-scheduler fixes the issue, as it reloads the aggregate information on startup. Nova package versions: 1:2015.1.2-0ubuntu2~cloud0 Reproduce steps: Create a new os-aggregate and then populate an os-aggregate with simultaneous API POSTs, note timestamps: 2016-02-04 20:17:08.538 13648 INFO nova.osapi_compute.wsgi.server [req-d07a006e-134a-46d8-9815-6becec5b185c 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] 10.120.13.3 "POST /v2.1/326d453c2bd440b4a7160489b632d0a8/os-aggregates HTTP/1.1" status: 200 len: 439 time: 0.1865470 2016-02-04 20:17:09.204 13648 INFO nova.osapi_compute.wsgi.server [req-a0402297-9337-46d6-96d2-066e230e45e1 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] 10.120.13.2 "POST /v2.1/326d453c2bd440b4a7160489b632d0a8/os-aggregates/1/action HTTP/1.1" status: 200 len: 506 time: 0.2995598 2016-02-04 20:17:09.243 13648 INFO nova.osapi_compute.wsgi.server [req-0f543525-c34e-418a-91a9-894d714ee95b 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] 10.120.13.2 "POST /v2.1/326d453c2bd440b4a7160489b632d0a8/os-aggregates/1/action HTTP/1.1" status: 200 len: 519 time: 0.3140590 2016-02-04 20:17:09.273 13649 INFO nova.osapi_compute.wsgi.server [req-2f8d80b0-726f-4126-a8ab-a2eae3f1a385 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] 10.120.13.2 "POST /v2.1/326d453c2bd440b4a7160489b632d0a8/os-aggregates/1/action HTTP/1.1" status: 200 len: 506 time: 0.3759601 2016-02-04 20:17:09.275 13649 INFO nova.osapi_compute.wsgi.server [req-80ab6c86-e521-4bf0-ab67-4de9d0eccdd3 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] 10.120.13.1 "POST /v2.1/326d453c2bd440b4a7160489b632d0a8/os-aggregates/1/action HTTP/1.1" status: 200 len: 506 time: 0.3433032 Schedule a VM Expected Result: nova-scheduler Availability Zone filter returns all members of the aggregate Actual Result: nova-scheduler believes there is only one hypervisor in the aggregate. The number will vary as it is a race: 2016-02-05 07:48:04.411 13600 DEBUG nova.filters [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Starting with 4 host(s) get_filtered_objects /usr/lib/python2.7/dist-packages/nova/filters.py:70 2016-02-05 07:48:04.411 13600 DEBUG nova.filters [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Filter RetryFilter returned 4 host(s) get_filtered_objects /usr/lib/python2.7/dist-packages/nova/filters.py:84 2016-02-05 07:48:04.412 13600 DEBUG nova.scheduler.filters.availability_zone_filter [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Availability Zone 'temp' requested. (oshv0, oshv0) ram:122691 disk:13404160 io_ops:0 instances:0 has AZs: nova host_passes /usr/lib/python2.7/dist-packages/nova/scheduler/filters/availability_zone_filter.py:62 2016-02-05 07:48:04.412 13600 DEBUG nova.scheduler.filters.availability_zone_filter [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Availability Zone 'temp' requested. (oshv2, oshv2) ram:122691 disk:13403136 io_ops:0 instances:0 has AZs: nova host_passes /usr/lib/python2.7/dist-packages/nova/scheduler/filters/availability_zone_filter.py:62 2016-02-05 07:48:04.413 13600 DEBUG nova.scheduler.filters.availability_zone_filter [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Availability Zone 'temp' requested. (oshv1, oshv1) ram:122691 disk:13404160 io_ops:0 instances:0 has AZs: nova host_passes /usr/lib/python2.7/dist-packages/nova/scheduler/filters/availability_zone_filter.py:62 2016-02-05 07:48:04.413 13600 DEBUG nova.filters [req-c24338b5-a3b8-4864-8140-04ea6fbcf68f 41812fc01c6549ac8ed15c6dab05c670 326d453c2bd440b4a7160489b632d0a8 - - -] Filter
[Yahoo-eng-team] [Bug 1545732] [NEW] glance v2 api: standard user can update other user's public metadefs
*** This bug is a security vulnerability *** Private security bug reported: If project 'd12bddf60e4649b2a2cf6a2cc7520d79' owns a global namespace: $ openstack token issue ++--+ | Field | Value| ++--+ | expires| 2016-02-15T14:23:21Z | | id | 7b8b9c6347f54d4ca5f543704068a0bb | | project_id | d12bddf60e4649b2a2cf6a2cc7520d79 | | user_id| e543889c522c46018c6a8f3ff71c1859 | ++--+ $ glance md-namespace-show NS1001 ++--+ | Property | Value| ++--+ | created_at | 2016-02-15T12:56:09Z | | namespace | NS1001 | | objects| ["ob1"] | | owner | d12bddf60e4649b2a2cf6a2cc7520d79 | | protected | False| | schema | /v2/schemas/metadefs/namespace | | updated_at | 2016-02-15T12:56:09Z | | visibility | public | ++--+ Another project can update that namespace (eg with a new object): $ openstack token issue ++--+ | Field | Value| ++--+ | expires| 2016-02-15T14:25:09.152643Z | | id | 0df5acec2b884f3c8cff744b4c4f66d0 | | project_id | c4f1b829b3af4775abdc9d70059eac10 | <<< | user_id| 10f27b7f965a47f98a828e4b342c03fd | ++--+ $ glance md-object-create --name objectx --schema {} NS1001 ++-+ | Property | Value | ++-+ | created_at | 2016-02-15T13:25:33Z| | name | objectx | | schema | /v2/schemas/metadefs/object | | updated_at | 2016-02-15T13:25:33Z| ++-+ This seems to also be possible if the namespace is owned by 'admin': $ glance md-object-create --name objectx --schema {} OS::Compute::GuestMemoryBacking ++-+ | Property | Value | ++-+ | created_at | 2016-02-15T13:28:11Z| | name | objectx | | schema | /v2/schemas/metadefs/object | | updated_at | 2016-02-15T13:28:11Z| ++-+ $ glance md-namespace-show OS::Compute::GuestMemoryBacking ++--+ | Property | Value | ++--+ | created_at | 2016-02-08T13:37:48Z | | description| This provides the preferred backing option for guest RAM. Guest's memory can be | || backed by hugepages to limit TLB lookups. See also: | || https://wiki.openstack.org/wiki/VirtDriverGuestCPUMemoryPlacement | | display_name | Guest Memory Backing | | namespace | OS::Compute::GuestMemoryBacking | | objects| ["objectx"] | | owner | admin | | properties | ["mem_page_size"] | | protected | True | | resource_type_associations | ["OS::Glance::Image", "OS::Cinder::Volume", "OS::Nova::Flavor"] | | schema | /v2/schemas/metadefs/namespace | | visibility | public | ++--+ $ glance md-property-create --name propx --title title1 --schema '{"description": "x", "type":"string"}' OS::Compute::GuestMemoryBacking +-++ | Property| Value | +-++ | description | x | | name
[Yahoo-eng-team] [Bug 1545731] [NEW] Improper handling/validation for fields passed in "flavor create" command.
Public bug reported: nova flavor-create sheel_flavor 09 1 1 1 ERROR (BadRequest): Invalid input for field/attribute name. Value: sheel_flavor. u'sheel_flavor\U0001f30b' does not match u'^(?![\\ \\\xa0\\\u1680\\\u180e\\\u2000\\\u2001\\\u2002\\\u2003\\\u2004\\\u2005\\\u2006\\\u2007\\\u2008\\\u2009\\\u200a\\\u202f\\\u205f\\\u3000])[\\ \\!\\"\\#\\$\\%\\&\\\'\\(\\)\\*\\+\\,\\-\\.\\/0123456789\\:\\;\\<\\=\\>\\?\\@ABCDEFGHIJKLMNOPQRSTUVWXYZ\\[\\]\\^\\_\\`abcdefghijklmnopqrstuvwxyz\\{\\|\\}\\~\\\xa0\\\xa1\\\xa2\\\xa3\\\xa4\\\xa5\\\xa6\\\xa7\\\xa8\\\xa9\\\xaa\\\xab\\\xac\\\xae\\\xaf\\\xb0\\\xb1\\\xb2\\\xb3\\\xb4\\\xb5\\\xb6\\\xb7\\\xb8\\\xb9\\\xba\\\xbb\\\xbc\\\xbd\\\xbe\\\xbf\\\xc0\\\xc1\\\xc2\\\xc3\\\xc4\\\xc5\\\xc6\\\xc7\\\xc8\\\xc9\\\xca\\\xcb\\\xcc\\\xcd\\\xce\\\xcf\\\xd0\\\xd1\\\xd2\\\xd3\\\xd4\\\xd5\\\xd6\\\xd7\\\xd8\\\xd9\\\xda\\\xdb\\\xdc\\\xdd\\\xde\\\xdf\\\xe0\\\xe1\\\xe2\\\xe3\\\xe4\\\xe5\\\xe6\\\xe7\\\xe8\\\xe9\\\xea\\\xeb\\\xec\\\xed\\\xee\\\xef\\\xf0\\\xf1\\\xf2\\\xf3\\\xf4\\\xf5\\\xf6\\\xf7\\\xf8\\\xf9\\\xfa\\\xfb\\\xfc\\\xfd\\\xfe\\\xfff\\\ large string of same kind of characters for almost 1000 lines "eb\\\xec\\\xed\\\xee\\\xef\\" \\\uffa7\\\uffa8\\\uffa9\\\uffaa\\\uffab\\\uffac\\\uffad\\\uffae\\\uffaf\\\uffb0\\\uffb1\\\uffb2\\\uffb3\\\uffb4\\\uffb5\\\uffb6\\\uffb7\\\uffb8\\\uffb9\\\uffba\\\uffbb\\\uffbc\\\uffbd\\\uffbe\\\uffc2\\\uffc3\\\uffc4\\\uffc5\\\uffc6\\\uffc7\\\uffca\\\uffcb\\\uffcc\\\uffcd\\\uffce\\\uffcf\\\uffd2\\\uffd3\\\uffd4\\\uffd5\\\uffd6\\\uffd7\\\uffda\\\uffdb\\\uffdc\\\uffe0\\\uffe1\\\uffe2\\\uffe3\\\uffe4\\\uffe5\\\uffe6\\\uffe8\\\uffe9\\\uffea\\\uffeb\\\uffec\\\uffed\\\uffee\\\ufffc\\\ufffd]*(? Sheel Rana (ranasheel2000) ** Summary changed: - Improper handling of error check in flavor create operation + Improper handling/validation for fields passed in "flavor create" command. -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1545731 Title: Improper handling/validation for fields passed in "flavor create" command. Status in OpenStack Compute (nova): New Bug description: nova flavor-create sheel_flavor 09 1 1 1 ERROR (BadRequest): Invalid input for field/attribute name. Value: sheel_flavor. u'sheel_flavor\U0001f30b' does not match u'^(?![\\ \\\xa0\\\u1680\\\u180e\\\u2000\\\u2001\\\u2002\\\u2003\\\u2004\\\u2005\\\u2006\\\u2007\\\u2008\\\u2009\\\u200a\\\u202f\\\u205f\\\u3000])[\\ \\!\\"\\#\\$\\%\\&\\\'\\(\\)\\*\\+\\,\\-\\.\\/0123456789\\:\\;\\<\\=\\>\\?\\@ABCDEFGHIJKLMNOPQRSTUVWXYZ\\[\\]\\^\\_\\`abcdefghijklmnopqrstuvwxyz\\{\\|\\}\\~\\\xa0\\\xa1\\\xa2\\\xa3\\\xa4\\\xa5\\\xa6\\\xa7\\\xa8\\\xa9\\\xaa\\\xab\\\xac\\\xae\\\xaf\\\xb0\\\xb1\\\xb2\\\xb3\\\xb4\\\xb5\\\xb6\\\xb7\\\xb8\\\xb9\\\xba\\\xbb\\\xbc\\\xbd\\\xbe\\\xbf\\\xc0\\\xc1\\\xc2\\\xc3\\\xc4\\\xc5\\\xc6\\\xc7\\\xc8\\\xc9\\\xca\\\xcb\\\xcc\\\xcd\\\xce\\\xcf\\\xd0\\\xd1\\\xd2\\\xd3\\\xd4\\\xd5\\\xd6\\\xd7\\\xd8\\\xd9\\\xda\\\xdb\\\xdc\\\xdd\\\xde\\\xdf\\\xe0\\\xe1\\\xe2\\\xe3\\\xe4\\\xe5\\\xe6\\\xe7\\\xe8\\\xe9\\\xea\\\xeb\\\xec\\\xed\\\xee\\\xef\\\xf0\\\xf1\\\xf2\\\xf3\\\xf4\\\xf5\\\xf6\\\xf7\\\xf8\\\xf9\\\xfa\\\xfb\\\xfc\\\xfd\\\xfe\\\xfff\\\ large string of same kind of characters for almost 1000 lines "eb\\\xec\\\xed\\\xee\\\xef\\" \\\uffa7\\\uffa8\\\uffa9\\\uffaa\\\uffab\\\uffac\\\uffad\\\uffae\\\uffaf\\\uffb0\\\uffb1\\\uffb2\\\uffb3\\\uffb4\\\uffb5\\\uffb6\\\uffb7\\\uffb8\\\uffb9\\\uffba\\\uffbb\\\uffbc\\\uffbd\\\uffbe\\\uffc2\\\uffc3\\\uffc4\\\uffc5\\\uffc6\\\uffc7\\\uffca\\\uffcb\\\uffcc\\\uffcd\\\uffce\\\uffcf\\\uffd2\\\uffd3\\\uffd4\\\uffd5\\\uffd6\\\uffd7\\\uffda\\\uffdb\\\uffdc\\\uffe0\\\uffe1\\\uffe2\\\uffe3\\\uffe4\\\uffe5\\\uffe6\\\uffe8\\\uffe9\\\uffea\\\uffeb\\\uffec\\\uffed\\\uffee\\\ufffc\\\ufffd]*(?https://bugs.launchpad.net/nova/+bug/1545731/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe :
[Yahoo-eng-team] [Bug 1545729] [NEW] 4 byte unicode handling for entity names
Public bug reported: mysql database does not support 4 byte unicode due to its utf8 character set. If any operation is executed with 4byte unicode name, it reports 500 error without any proper error message to user. This will be confusing for user as no information is present about why this issue occurred. Please refer below for details: nova secgroup-create sheel ERROR (ClientException): Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. (HTTP 500) (Request-ID: req-a4eef1d6-11fa-4188-b116-ffdf728e04f4) Bug can be reproduced by simply using 4byte unicode characters in name of security group. This is 100% reproducible. ** Affects: nova Importance: Undecided Assignee: Sheel Rana (ranasheel2000) Status: New ** Changed in: nova Assignee: (unassigned) => Sheel Rana (ranasheel2000) ** Description changed: mysql database does not support 4 byte unicode due to its utf8 character set. - If any operation is executed with 4byte unicode name, it reports 500 error without any proper error message to user. + If any operation is executed with 4byte unicode name, it reports 500 error without any proper error message to user. This will be confusing for user as no information is present about why this issue occurred. Please refer below for details: - nova secgroup-create sheel + nova secgroup-create sheel ERROR (ClientException): Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. (HTTP 500) (Request-ID: req-a4eef1d6-11fa-4188-b116-ffdf728e04f4) + + + Bug can be reproduced by simply using 4byte unicode characters in name of security group. + + This is 100% reproducible. -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1545729 Title: 4 byte unicode handling for entity names Status in OpenStack Compute (nova): New Bug description: mysql database does not support 4 byte unicode due to its utf8 character set. If any operation is executed with 4byte unicode name, it reports 500 error without any proper error message to user. This will be confusing for user as no information is present about why this issue occurred. Please refer below for details: nova secgroup-create sheel ERROR (ClientException): Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. (HTTP 500) (Request-ID: req-a4eef1d6-11fa-4188-b116-ffdf728e04f4) Bug can be reproduced by simply using 4byte unicode characters in name of security group. This is 100% reproducible. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1545729/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545724] [NEW] Pages are not refilled when the first page becomes empty
Public bug reported: Steps to reproduce: 1. Set Items per Page to 1 2. Create 2 instances at Project->Compute 3. Delete the instance of Page 1. 4. Notice that the page 1 is empty now, while Next link is still active and redirects us to Page 2 with another Instance. Expected behavior: Pages are refilled once the first page becomes empty. ** Affects: horizon Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545724 Title: Pages are not refilled when the first page becomes empty Status in OpenStack Dashboard (Horizon): New Bug description: Steps to reproduce: 1. Set Items per Page to 1 2. Create 2 instances at Project->Compute 3. Delete the instance of Page 1. 4. Notice that the page 1 is empty now, while Next link is still active and redirects us to Page 2 with another Instance. Expected behavior: Pages are refilled once the first page becomes empty. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545724/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1523742] Re: illegal video driver for PPC64 little endian system
Reviewed: https://review.openstack.org/279227 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=87069e7bf788ec4e80bd340bcb97d57117cbc4d2 Submitter: Jenkins Branch:master commit 87069e7bf788ec4e80bd340bcb97d57117cbc4d2 Author: Sean DagueDate: Thu Feb 11 13:19:57 2016 -0500 Fix reported ppc64le bug on video selection ppc64le apparently is the same as other ppc plaforms in it's video selection. This one line fix was put into a reported bug and addresses this for people. Co-Authored-By: xiaojinwei...@163.com Change-Id: I44283f19823bf39159633fa93f575e306bcf1970 Closes-Bug: #1523742 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1523742 Title: illegal video driver for PPC64 little endian system Status in OpenStack Compute (nova): Fix Released Status in OpenStack Compute (nova) liberty series: Confirmed Bug description: for openstack kilo version, when creating a instance, libvirt creates cirrus video type in template xml file while is not supported for PPC64 little endian system. I debug the code and finally find mistake in function _add_video_driver of file nova/virt/libvirt/driver.py In function, there is a logic that video driver is determinded by guest arch. If arch is in (PPC, PPC64) then return vga, otherwise video driver is determined by other options. For PPC64 little endian system, guest arch is PPC64LE so that video driver is determined by other option (In our environment, with kvm virt type and spice disabled , video driver is determined by hw_video_model) which makes video driver is cirrus . Exception happens when creating vm instance because cirrus video driver is not supported on power hardware. I add PPC64LE arch in the guestarch option and it does works. The patch will be attached. To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1523742/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1543105] Re: Artifacts code conceals what/where errors happened during plugin loading
Reviewed: https://review.openstack.org/277378 Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=a3e19a0abe1e68daaf90cfcd6db9e6056cf10db2 Submitter: Jenkins Branch:master commit a3e19a0abe1e68daaf90cfcd6db9e6056cf10db2 Author: Kirill ZaitsevDate: Mon Feb 8 15:58:58 2016 +0300 Promote log message to exception level on artifact load failure Before this patch exact place of where the error happened during artifact load was hard to pinpoint, because it was not shown in the stacktrace. With this change exception is no longer just converted to string and printed, but also a stacktrace of exact location of the error is printed Change-Id: I1442b6743e77e2aa47a708ae1c38d7c4a54b8cd1 Closes-Bug: #1543105 ** Changed in: glance Status: New => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/1543105 Title: Artifacts code conceals what/where errors happened during plugin loading Status in Glance: Fix Released Bug description: Currently exception is converted to string and we get smth like "2016-02-08 15:47:53.218 12604 ERROR glance.common.artifacts.loader [-] Could not load plugin from assets.glance_image.v1.package: __init__() got multiple values for keyword argument 'mutable' " and the stacktrace shown later conceals the place where the actual error has happened. this doesn't help much with debugging plugin code. It would be great to have relevant stacktrace printed on errors in artifact definitions. To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/1543105/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1542612] Re: Add Network Port selection to instance launch
** Changed in: horizon Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1542612 Title: Add Network Port selection to instance launch Status in OpenStack Dashboard (Horizon): Invalid Status in openstack-manuals: In Progress Bug description: https://review.openstack.org/271248 Dear bug triager. This bug was created since a commit was marked with DOCIMPACT. Your project "openstack/horizon" is set up so that we directly report the documentation bugs against it. If this needs changing, the docimpact-group option needs to be added for the project. You can ask the OpenStack infra team (#openstack-infra on freenode) for help if you need to. commit c0aab9adf38004df53973a6f35905f3d708a4791 Author: ItxakaDate: Fri Jan 22 00:33:13 2016 +0100 Add Network Port selection to instance launch Adds a new step to the launch instance wizard to select any available ports to attach on launch. Modifies the existing tests to take the new step and calls insto consideration. DocImpact: Add port info to user-guide/dashboard_launch_instances.html Change-Id: I97b24be0d75b69638aeb52bda7d0d0541a80663a Implements: blueprint allow-launching-ports To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1542612/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545695] [NEW] L3 agent: traceback is suppressed on floating ip setup failure
Public bug reported: Following traceback says nothing about actual exception and makes it hard to debug issues: 2016-02-10 05:26:54.025 682 ERROR neutron.agent.l3.router_info [-] L3 agent failure to setup floating IPs 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info Traceback (most recent call last): 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 604, in process_external 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info fip_statuses = self.configure_fip_addresses(interface_name) 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 268, in configure_fip_addresses 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info raise n_exc.FloatingIpSetupException('L3 agent failure to setup ' 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info FloatingIpSetupException: L3 agent failure to setup floating IPs Need to log actual exception with traceback before reraising. ** Affects: neutron Importance: Low Assignee: Oleg Bondarev (obondarev) Status: New ** Tags: l3-ipam-dhcp -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1545695 Title: L3 agent: traceback is suppressed on floating ip setup failure Status in neutron: New Bug description: Following traceback says nothing about actual exception and makes it hard to debug issues: 2016-02-10 05:26:54.025 682 ERROR neutron.agent.l3.router_info [-] L3 agent failure to setup floating IPs 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info Traceback (most recent call last): 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 604, in process_external 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info fip_statuses = self.configure_fip_addresses(interface_name) 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info File "/usr/lib/python2.7/dist-packages/neutron/agent/l3/router_info.py", line 268, in configure_fip_addresses 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info raise n_exc.FloatingIpSetupException('L3 agent failure to setup ' 2016-02-10 05:26:54.025 682 TRACE neutron.agent.l3.router_info FloatingIpSetupException: L3 agent failure to setup floating IPs Need to log actual exception with traceback before reraising. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1545695/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1538896] Re: nova flavor-show raises 500 error if flavor is deleted
Reviewed: https://review.openstack.org/279413 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=4184f985011ddcca08ae695bb9793794037a0b04 Submitter: Jenkins Branch:master commit 4184f985011ddcca08ae695bb9793794037a0b04 Author: bhagyashrisDate: Thu Feb 4 01:21:49 2016 -0800 Fix 500 error for showing deleted flavor details Displaying deleted flavor details throws 500 internal server error. Added 404 HttpNotFound status code in "@extension.expected_errors". APIImpact: Return 404 status code for list extra specs for a deleted flavor. Closes-Bug: #1538896 Change-Id: Iba33296c28c3c3d6ba60052fe434107ac9c00c61 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1538896 Title: nova flavor-show raises 500 error if flavor is deleted Status in OpenStack Compute (nova): Fix Released Bug description: Reproducible on latest master. Tried to show deleted flavor then it raises 500 error. Steps to reproduce: 1. Create flavor $ nova flavor-create m2.test 10 1200 12 8 2. Delete flavor $ nova flavor-delete 10 3. Show deleted flavor $ nova flavor-show 10 ERROR (ClientException): Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. (HTTP 500) (Request-ID: req-4f77f74c-2234-4beb-9875-157364bdd964) Nova api logs: - from (pid=31454) _http_log_response /usr/local/lib/python2.7/dist-packages/keystoneauth1/session.py:254 2016-01-27 15:28:14.067 DEBUG nova.api.openstack.wsgi [req-15b4f90e-332b-4e96-b839-8cd931605e42 admin demo] Calling method '>' from (pid=31454) _process_stack /opt/stack/nova/nova/api/openstack/wsgi.py:699 2016-01-27 15:28:14.082 ERROR nova.api.openstack.extensions [req-15b4f90e-332b-4e96-b839-8cd931605e42 admin demo] Unexpected exception in API method 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions Traceback (most recent call last): 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/extensions.py", line 478, in wrapped 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions return f(*args, **kwargs) 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/compute/flavors_extraspecs.py", line 60, in index 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions return self._get_extra_specs(context, flavor_id) 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/compute/flavors_extraspecs.py", line 39, in _get_extra_specs 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions flavor = common.get_flavor(context, flavor_id) 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/common.py", line 543, in get_flavor 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions raise exc.HTTPNotFound(explanation=error.format_message()) 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions HTTPNotFound: Flavor 122 could not be found. 2016-01-27 15:28:14.082 TRACE nova.api.openstack.extensions 2016-01-27 15:28:14.085 INFO nova.api.openstack.wsgi [req-15b4f90e-332b-4e96-b839-8cd931605e42 admin demo] HTTP exception thrown: Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. 2016-01-27 15:28:14.086 DEBUG nova.api.openstack.wsgi [req-15b4f90e-332b-4e96-b839-8cd931605e42 admin demo] Returning 500 to user: Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible. from (pid=31454) __call__ /opt/stack/nova/nova/api/openstack/wsgi.py:1070 2016-01-27 15:28:14.097 INFO nova.osapi_compute.wsgi.server [req-15b4f90e-332b-4e96-b839-8cd931605e42 admin demo] 10.69.4.177 "GET /v2.1/982e2fc081364cf889d959b27d4bd510/flavors/122/os-extra_specs HTTP/1.1" status: 500 len: 499 time: 0.1559708 To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1538896/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1543318] Re: Token for trust does not expand implied roles
Reviewed: https://review.openstack.org/279835 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=790b8c22bea9336abe2ce301fda5962021974ded Submitter: Jenkins Branch:master commit 790b8c22bea9336abe2ce301fda5962021974ded Author: Adam YoungDate: Fri Feb 12 18:16:05 2016 -0500 Expand implied roles in trust tokens Closes-Bug: 1543318 Change-Id: Iadcedaec184c7ca14ecd6ad5035265a310e2d5d2 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1543318 Title: Token for trust does not expand implied roles Status in OpenStack Identity (keystone): Fix Released Bug description: def test_trusts_from_implied_role(self): self._create_three_roles() self._create_implied_role(self.role_list[0], self.role_list[1]) self._create_implied_role(self.role_list[1], self.role_list[2]) self._assign_top_role_to_user_on_project(self.user, self.project) # Create a trustee and assign the prior role to her trustee = unit.create_user(self.identity_api, domain_id=self.domain_id) ref = unit.new_trust_ref( trustor_user_id=self.user['id'], trustee_user_id=trustee['id'], project_id=self.project['id'], role_ids=[self.role_list[0]['id']]) r = self.post('/OS-TRUST/trusts', body={'trust': ref}) trust = r.result['trust'] # Only the role that was specified is in the trust, NOT implies roles self.assertEqual(self.role_list[0]['id'], trust['roles'][0]['id']) self.assertThat(trust['roles'], matchers.HasLength(1)) # Authenticate as the trustee auth_data = self.build_authentication_request( user_id=trustee['id'], password=trustee['password'], trust_id=trust['id']) r = self.v3_create_token(auth_data) token = r.result['token'] # This fails self.assertThat(token['roles'], matchers.HasLength(3)) To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1543318/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1545655] [NEW] A close icon in the upper right don't show in Update Metadata
Public bug reported: A close icon in the upper right can close modal dialog. Other modal dialog have this icon but Update Metadata dialog don't have it. When we use a browser with not maximize window, it often needs a scroll operation. Therefore it is better to add icon in the upper right to cancel the modal, same as other modals. ** Affects: horizon Importance: Undecided Assignee: Kenji Ishii (ken-ishii) Status: New ** Changed in: horizon Assignee: (unassigned) => Kenji Ishii (ken-ishii) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1545655 Title: A close icon in the upper right don't show in Update Metadata Status in OpenStack Dashboard (Horizon): New Bug description: A close icon in the upper right can close modal dialog. Other modal dialog have this icon but Update Metadata dialog don't have it. When we use a browser with not maximize window, it often needs a scroll operation. Therefore it is better to add icon in the upper right to cancel the modal, same as other modals. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1545655/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp