Reviewed: https://review.openstack.org/254900 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=7dad96deb4ae66509d968465bcd1c852c6743bc1 Submitter: Jenkins Branch: master
commit 7dad96deb4ae66509d968465bcd1c852c6743bc1 Author: Jeremy McDermond <mcde...@xenotropic.com> Date: Tue Dec 8 10:14:09 2015 -0800 Add option for nova endpoint type When the neutron notification to nova was updated to use novaclient the nova_url parameter was disabled. This prevents administrators from using anything but the publicURL as the proper endpoint to notify nova. This patch adds an option to pass on to novaclient for the endpoint_type so that the administrator can set the notification url to public, internal or admin. Change-Id: I405f761944449cab6b8c8895f98419f79cd74cad Closes-Bug: #1478471 DocImpact: Need to add a new option to the neutron configuration reference. ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1478471 Title: neutron can't use internal nova-api url for notification with v3 auth Status in neutron: Fix Released Bug description: Hi! When the v3 auth plugin is used for notifying nova on changes, the config parameter nova_url is ignored and neutron uses public endpoint automatically. If internalURL and publicURL are not the same, and publicURL is not accessible for internal services, than the notification will fail and so will VM creation. I tried to look for any config parmeter to change this behavior, but couldn't find any. OS: Ubuntu 14.04 Neutron version: 1:2015.1.0-0ubuntu1~cloud0 my nova endpoints: +--------------+---------------------------------------------+ | Field | Value | +--------------+---------------------------------------------+ | adminurl | http://192.168.56.10:8774/v2/%(tenant_id)s | | enabled | True | | id | 3706c3fe985c4219a145a7ec83c14955 | | internalurl | http://192.168.56.10:8774/v2/%(tenant_id)s | | publicurl | https://192.168.55.10:8774/v2/%(tenant_id)s | | region | labor | | service_id | ebc286c9356449819d2c7a7a5fbd1c77 | | service_name | nova | | service_type | compute | +--------------+---------------------------------------------+ partial log: 2015-07-23 11:31:06.021 24522 DEBUG keystoneclient.auth.identity.v3 [-] Making authentication request to http://192.168.56.10:35357/v3/auth/tokens get_auth_ref /usr/lib/python2.7/dist-packages/keystoneclient/auth/identity/v3.py:125 2015-07-23 11:31:06.385 24522 DEBUG keystoneclient.session [-] REQ: curl -g -i -X POST https://192.168.55.10:8774/v2/d239fb491e944da39e430174dc5fd33e/os-server-external-events -H "User-Agent: python-novaclient" -H "Content-Type: applicat$ 2015-07-23 11:31:06.443 24522 ERROR neutron.notifiers.nova [-] Failed to notify nova on events: [{'status': 'completed', 'tag': u'2a6ce600-1c57-4f91-a17e-1623adf9e1ee', 'name': 'network-vif-plugged', 'server_uuid': u'f77b2756-99ed-4259-b$ 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova Traceback (most recent call last): 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/neutron/notifiers/nova.py", line 243, in send_events 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova batched_events) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/novaclient/v2/contrib/server_external_events.py", line 39, in create 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova return_raw=True) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/novaclient/base.py", line 152, in _create 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova _resp, body = self.api.client.post(url, body=body) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/adapter.py", line 170, in post 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova return self.request(url, 'POST', **kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/novaclient/client.py", line 89, in request 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova **kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/adapter.py", line 200, in request 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova resp = super(LegacyJsonAdapter, self).request(*args, **kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/adapter.py", line 89, in request 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova return self.session.request(url, method, **kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/utils.py", line 318, in inner 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova return func(*args, **kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/session.py", line 374, in request 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova resp = send(**kwargs) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova File "/usr/lib/python2.7/dist-packages/keystoneclient/session.py", line 411, in _send_request 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova raise exceptions.SSLError(msg) 2015-07-23 11:31:06.443 24522 TRACE neutron.notifiers.nova SSLError: SSL exception connecting to https://192.168.55.10:8774/v2/d239fb491e944da39e430174dc5fd33e/os-server-external-events The log show an SSL exception log, but thats just beacuse my public endpoint is SSL protected, Neutron should use internal endpoint instead. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1478471/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp