[Yahoo-eng-team] [Bug 1451402] Re: v3 - pagination in GET services does not work

Reviewed: https://review.openstack.org/230081 Committed: https://git.openstack.org/cgit/openstack/api-site/commit/?id=a0972f56cc9460dda502cfe3775064e7a847fab3 Submitter: Jenkins Branch:master commit a0972f56cc9460dda502cfe3775064e7a847fab3 Author: Diane Fleming Date:

[Yahoo-eng-team] [Bug 1502991] [NEW] Cache prefetcher can't work with trusted-auth registry

Public bug reported: As described in [0], Cache prefetcher fails to work when the registry is deployed in trusted-auth mode. Cache prefetcher should send necessary identity headers to registry when pulling image metadata. [0] http://paste.openstack.org/show/475361/ ** Affects: glance

[Yahoo-eng-team] [Bug 1499271] Re: MetricsWeigher can return a NoneType exception

** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1499271 Title: MetricsWeigher can return a NoneType

[Yahoo-eng-team] [Bug 1493680] Re: HostState.metrics is no longer a dict

** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1493680 Title: HostState.metrics is no longer a dict

[Yahoo-eng-team] [Bug 1502987] [NEW] fullstack runs leave neutron-server forked processes running

Public bug reported: Since by default api_workers = Number of CPUs on the machine, the neutron-server forks itself when it starts. Those child processes are left behind on both successful and failed fullstack runs. This is possibly related to bug https://bugs.launchpad.net/neutron/+bug/1487548.

[Yahoo-eng-team] [Bug 1481540] Re: no interface created in DHCP namespace for second subnet (dhcp enabled) on a network

[Expired for neutron because there has been no activity for 60 days.] ** Changed in: neutron Status: Incomplete => Expired -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1481540

[Yahoo-eng-team] [Bug 1503028] [NEW] Network topology scrolling is not intuitive

Public bug reported: The network topology once its larger than the screen view, we are supposed to drag it around to see the part out of the screen but the cursor style never changes so its not obvious that the topology can be dragged around in the absence of a scroll bar. ** Affects: horizon

[Yahoo-eng-team] [Bug 1503027] [NEW] default security group creation ignores quota_usages conf

Public bug reported: There is a configuration setting that affects the creation of quota_usages entries for resource tracking, until_refresh. This setting is a count of the number of quota updates to allow before doing a sync of quota_usages to ensure that it is correct. The configuration value

[Yahoo-eng-team] [Bug 1503041] [NEW] Token scoped to a domain can generate token scoped to different domain

Public bug reported: Based on Nathan's blog on Restricting the abilities of Keystone tokens (https://blog-nkinder.rhcloud.com/?p=101) experimented with domain scoped tokens. Pre-req: User has admin privileges on two domains Default and TestDomain. Step 1: Generate unscoped token: cat

[Yahoo-eng-team] [Bug 1503022] [NEW] document Horizon langauges inclusion criteria

Public bug reported: While reviewing https://review.openstack.org/#/c/231136/ Cindy pointed out that we haven't documented this criteria anywhere and suggested http://docs.openstack.org/developer/horizon/contributing.html#translatability? as a potential location. I think this is a good idea, but

[Yahoo-eng-team] [Bug 1473567] Re: Fernet tokens fail tempest runs

** Also affects: tempest Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1473567 Title: Fernet tokens fail tempest runs Status in Keystone:

[Yahoo-eng-team] [Bug 1502773] [NEW] "Delete Instance" looks better over "Terminate Instance" for consistency

Public bug reported: "Delete Instance" looks better than "Terminate Instance" for consistency. We use "Terminate Instance" for the action label of deleting a server. I think "Delete Instance" is more consistent from the point of both consistency across OpenStack Dashboard and consistency with

[Yahoo-eng-team] [Bug 1499033] Re: Add Liberty release milestone

** Changed in: neutron Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1499033 Title: Add Liberty release milestone Status in neutron: Fix

[Yahoo-eng-team] [Bug 1498684] Re: Fail to use SR-IOV ports when VFIO is loaded

So, my take on that is that this is not technically a bug, rather a current limitation (hence Opinion/Wishlist) That needs at least a blueprint to be created and possibly some discussion around the implementation design, see

[Yahoo-eng-team] [Bug 1502786] [NEW] Add log_config_append and logging_sample.conf

Public bug reported: I want to add logging_sample.conf and description of log_config_append. It would be useful for users who want to configure about logging in detail. ** Affects: neutron Importance: Undecided Assignee: Masaki Matsushita (mmasaki) Status: In Progress -- You

[Yahoo-eng-team] [Bug 1493350] Re: Attach Volume fail : Cinder - ISCSI device symlinks under /dev/disk/by-path in hex.

I'm really not sure what needs to be done in Nova to fix that problem. Feel free to reopen the bug to New if you come up with a described description of any Nova-related issue coming in. ** Changed in: nova Status: New => Invalid ** Changed in: nova Status: Invalid => Opinion --

[Yahoo-eng-team] [Bug 1502369] Re: Jenkins/tox fails to generate docs

** Changed in: glance Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/1502369 Title: Jenkins/tox fails to generate docs Status in devstack:

[Yahoo-eng-team] [Bug 1502812] [NEW] [workflows] after submitting workflow, you can not correct faulty parameters

Public bug reported: e.g when creating a network, after submitting the workflow, it either works, or you'll get a error back. Unfortunately, one can not correct inputs and one has to provide all data again. This is most annoying in stacks creation or with create network. ** Affects: horizon

[Yahoo-eng-team] [Bug 1496406] Re: Let RPC workers serve L3 queues too

*** This bug is a duplicate of bug 1498844 *** https://bugs.launchpad.net/bugs/1498844 ** This bug is no longer a duplicate of bug 1419970 L3RpcCallback methods are not handled in rpc_worker processes ** This bug has been marked a duplicate of bug 1498844 Service plugin queues should be

[Yahoo-eng-team] [Bug 1503042] [NEW] Need functional API samples test for os-server-groups GET with all_projects parameter

Public bug reported: The os-server-groups API request can have an 'all_projects' query parameter: https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/server_groups.py#L118 >From what I can tell we don't test that anywhere in the nova functional API tests tree. It's

[Yahoo-eng-team] [Bug 1503055] [NEW] Use AssertIsNone

Public bug reported: Neutron should use the specific assertion:   self.assertIs(Not)None(observed) instead of the generic assertion:   self.assert(Not)Equal(None, observed) ** Affects: neutron Importance: Undecided Assignee: Cedric Brandily (cbrandily) Status: In Progress

[Yahoo-eng-team] [Bug 1503071] [NEW] Use assertTrue

Public bug reported: We should use assertTrue not assertEqual(True, ***). ** Affects: neutron Importance: Undecided Assignee: Hirofumi Ichihara (ichihara-hirofumi) Status: New ** Changed in: neutron Assignee: (unassigned) => Hirofumi Ichihara (ichihara-hirofumi) -- You

[Yahoo-eng-team] [Bug 1503074] [NEW] Use assertFalse

Public bug reported: We should use assertFalse not assertEqual(False, ***). ** Affects: neutron Importance: Undecided Assignee: Hirofumi Ichihara (ichihara-hirofumi) Status: New ** Changed in: neutron Assignee: (unassigned) => Hirofumi Ichihara (ichihara-hirofumi) --

[Yahoo-eng-team] [Bug 1502856] [NEW] test_arp_spoof_icmpv6_neigh_advt_allowed_address_pairs fails with RuntimeError from ping6

Public bug reported: http://logs.openstack.org/22/228422/2/check/gate-neutron-dsvm- functional/0eb73bd/testr_results.html.gz ft1.279: neutron.tests.functional.agent.test_ovs_flows.ARPSpoofOFCtlTestCase.test_arp_spoof_icmpv6_neigh_advt_allowed_address_pairs(native)_StringException: Empty

[Yahoo-eng-team] [Bug 1482633] Re: requests to SSL wrapped sockets hang while reading using py3

Neutron is going to consume ssl functionality fron oslo.service, so this bug is no longer valid for neutron. ** Changed in: neutron Status: Confirmed => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron.

[Yahoo-eng-team] [Bug 1502876] [NEW] Error: You are not allowed to delete volume: $X

Public bug reported: When using Ceph as the back end storage a snapshot of a volume is dependent upon the original volume meaning it is an illegal operation to delete the volume without first deleting the snapshot. Should you try and delete such a volume horizon {kilo} reports back the error

[Yahoo-eng-team] [Bug 1502854] [NEW] Cannot get information about job on fake plugin with empty datasources

Public bug reported: ENVIRONMENT: devstack (05.10.2015) STEPS TO REPRODUCE: 1. Create fake cluster 2. Run job without datasources 3. Wait while job passed 4. Click on job EXPECTED RESULT: Get information about job ACTUAL TESULT: http://paste.openstack.org/show/475283/ ** Affects: horizon

[Yahoo-eng-team] [Bug 1501831] Re: Evacuate libvirt instance failed with error 'Cannot load 'disk_format' in the base class'

** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1501831 Title: Evacuate libvirt instance failed with

[Yahoo-eng-team] [Bug 1259292] Re: Some tests use assertEqual(observed, expected) , the argument order is wrong

** Changed in: nova Status: In Progress => Won't Fix ** Changed in: nova Assignee: Rajesh Tailor (rajesh-tailor) => (unassigned) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova).

[Yahoo-eng-team] [Bug 1502850] [NEW] Location add does not catch BadStoreUri

Public bug reported: Overview: If you create an image and then use location-add to add a bad uri, the server returns a 500. As the BadStoreUri is not caught. How to produce: glance image-create glance location-add de6d8022-6954-4039-b53a-042e2fc909de --url file:// 500 Internal Server Error:

[Yahoo-eng-team] [Bug 1484690] Re: Incorrect metadata proxy route via router ip

*** This bug is a duplicate of bug 1483939 *** https://bugs.launchpad.net/bugs/1483939 ** This bug has been marked a duplicate of bug 1483939 Allow host route injection of metadata server IP via DHCP -- You received this bug notification because you are a member of Yahoo! Engineering

[Yahoo-eng-team] [Bug 1500289] Re: Booting instance failed with Kilo stable compute node and liberty controller

** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1500289 Title: Booting instance failed with Kilo stable

[Yahoo-eng-team] [Bug 1499028] Re: Rebuild would not apply the migration context before calling the driver

** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1499028 Title: Rebuild would not apply the migration

[Yahoo-eng-team] [Bug 1499405] Re: Live block migration fails for instances with LVM ephemeral devices

I had time to did more investigation and I found that the live migration for LVM backed instances is not supported: https://github.com/openstack/nova/blob/master/nova/virt/libvirt/driver.py#L6665 This change https://review.openstack.org/73387 was for raising the NotImplementedError exception

[Yahoo-eng-team] [Bug 1489415] Re: Cross-site Request Forgery token is static throughout the application

Switched to public and set "won't fix" for the security advisory task since this behavior is by design. ** Information type changed from Private Security to Public ** Changed in: ossa Status: Incomplete => Won't Fix -- You received this bug notification because you are a member of

[Yahoo-eng-team] [Bug 1502901] [NEW] allowed address pair rule never matches iptables counter because of MAC address format

Public bug reported: the dialect of mac address rendering we are using[1] omits leading 0s in each hex byte representation. (e.g. 11:11:11:0F:11:11 becomes 11:11:11:F:11:11). This causes the iptables counter matching code to not find this rule and replace it with a new one on every iptables-save

[Yahoo-eng-team] [Bug 1502930] [NEW] ipset grabs semaphore excessively

Public bug reported: ipset grabs a semaphore on the set_members operation so it ensures only one caller is modifying the sets. However, set_members is called many times on a single security group update when an agent is hosting ports that are all members of the same security groups. It returns

[Yahoo-eng-team] [Bug 1496055] Re: Status-line of HTTP responce is wrong

** Also affects: cinder Importance: Undecided Status: New ** Changed in: cinder Assignee: (unassigned) => Ivan Kolodyazhny (e0ne) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova).

[Yahoo-eng-team] [Bug 1502932] [NEW] iptables bare jump rule is not getting comments put in the right spot

Public bug reported: the bare iptables jump rules (jump without any criteria) are not having comments put in the correct place so they are being replaced on every iptables reload. ** Affects: neutron Importance: Undecided Assignee: Kevin Benton (kevinbenton) Status: New **

[Yahoo-eng-team] [Bug 1500567] Re: port binding host_id does not update when removing openvswitch agent

Out of curiosity why did you have to delete the ovs agent on that host? I can't imagine any use case... ** Changed in: neutron Status: New => Opinion -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron.

[Yahoo-eng-team] [Bug 1502924] [NEW] our ipv6 icmp rules don't match iptables output

Public bug reported: our code that generates iptables rules for ipv6 icmp rules does not match the format that they are printed back out from iptables-save. This causes counters to be lost on those rules since the iptables manger can't match the rules we generate to the output. We are using a

[Yahoo-eng-team] [Bug 1502898] [NEW] icmpv6 user specified rules allow all ICMP regardless of type

Public bug reported: If a user specifies a ICMP allow rule for IPv6 with a specific type/code, that information is lost on rendering into iptables rules and it turns into an allow rule for all ICMP. ** Affects: neutron Importance: Undecided Status: Invalid ** Changed in: neutron

[Yahoo-eng-team] [Bug 1350608] Re: Request ID header is lost between nova.virt.ironic and ironic-api service

** Changed in: ironic Status: In Progress => Confirmed ** Changed in: ironic Assignee: Anusha (anusha-iiitm) => (unassigned) ** Also affects: nova Importance: Undecided Status: New ** Tags added: ironic -- You received this bug notification because you are a member of

[Yahoo-eng-team] [Bug 1502906] [NEW] fallback accept rule in iptables is added after every port

Public bug reported: the fallback accept rule in the iptables rule generation is added after every port. This would normally break the filtering since none of the ports would make it beyond the ACCEPT, but we have duplicate rule removal logic that just happens to get rid of the extras right

[Yahoo-eng-team] [Bug 1498163] Re: [OSSA 2015-020] Glance storage quota bypass when token is expired (CVE-2015-5286)

** Changed in: ossa Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/1498163 Title: [OSSA 2015-020] Glance storage quota bypass when token is

[Yahoo-eng-team] [Bug 1502917] [NEW] iptables rule generation doesn't match prefixes of /0, /32 and /128 correctly

Public bug reported: We currently generate single host rules as just the IP address and /0 rules for any address (for source and destination matching criteria). This is compatible with the input of iptables but it's not the way the rules are represented by iptables when they come back. Iptables

[Yahoo-eng-team] [Bug 1502280] Re: Visible token in HTTP

As noted, the security promise of bearer tokens relies on not exposing them to a would-be attacker, so this is a shortcoming of your deployment configuration not a security vulnerability in the underlying implementation. ** Information type changed from Private Security to Public ** Description

[Yahoo-eng-team] [Bug 1502929] [NEW] XenServer 6.5 fails to attach to Cinder volumes

Public bug reported: There is a bug when connecting to Cinder volumes over iSCSI with XenAPI where a tapdisk is not correctly spawned. This has been fixed in https://github.com/xapi- project/sm/commit/7a8a158493d03ceeb31bc8a43b7f213e74420bf0 however, users of XenServer 6.5 need a workaround in

[Yahoo-eng-team] [Bug 1502946] [NEW] kernel crash on m400 arm64 server cartridge

Public bug reported: We've made some progress on bug 1499869 , such that on Friday I actually had successful installs. An attempt at an install today shows a kernel stack trace early in the boot, then the initramfs not finding any network devices and thus failing to mount the iscsi root. The

[Yahoo-eng-team] [Bug 1499406] Re: The option force_metadata = True is broken

** Changed in: neutron Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1499406 Title: The option force_metadata = True is broken Status in

[Yahoo-eng-team] [Bug 1502947] [NEW] Remove old neutronclient based fallback mechanism from metadata agent

Public bug reported: The new RPC interface has proved itself for two cycles, I don't recollect any serious issues with it, so let's just clean up the obsolete neutronclient based fallback mechanism. ** Affects: neutron Importance: Undecided Assignee: Ihar Hrachyshka (ihar-hrachyshka)

[Yahoo-eng-team] [Bug 1489415] Re: Cross-site Request Forgery token is static throughout the application

Setting to "won't fix" for horizon, since it is by design in django. ** Changed in: horizon Status: New => Won't Fix -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).

[Yahoo-eng-team] [Bug 1501779] Re: Failing to delete an linux bridge causes log littering

** Changed in: neutron Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1501779 Title: Failing to delete an linux bridge causes log littering

[Yahoo-eng-team] [Bug 1502961] [NEW] libvirt spawn with configdrive failed with UnboundLocalError

Public bug reported: If we create a libvirt sever that requires configdrive, it will fail with follow error: 2015-10-05 09:02:50.714 30941 ERROR nova.compute.manager [instance: ada89410-3ce1-44bf-b1e5-f3a0a9dfd846] File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line

[Yahoo-eng-team] [Bug 1500528] Re: Deprecate config option 'use_helper_for_ns_read'

I commented on the patch, but this exists because /var/run/netns can be secured on any OS. We need to work in these secure environments as well. ** Changed in: neutron Status: New => Opinion -- You received this bug notification because you are a member of Yahoo! Engineering Team, which