Reviewed: https://review.openstack.org/329661 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=4317166b72bb0aadd0321acdf9f2450c1a99d0a4 Submitter: Jenkins Branch: master
commit 4317166b72bb0aadd0321acdf9f2450c1a99d0a4 Author: Matt Riedemann <[email protected]> Date: Tue Jun 14 16:05:35 2016 -0400 Handle keypair not found from metadata server With commit e83842b80b73c451f78a4bb9e7bd5dfcebdefcab we attempt to load keypairs for an instance from instance_extra, but if that hasn't been migrated yet we fall back to loading the keypair from the database by name. If the keypair was deleted, the instance object will just set an empty KeyPairList for instance.keypairs and we'll get an IndexError when using self.instance.keypairs[0] in _metadata_as_json. This adds a check that instance.keypairs actually has something in it. If not, we log a message and don't return any key values in the metadata dict - same as if instance.key_name wasn't set to begin with. Change-Id: If823867d1df4bafa46978e62e05826d1f12c9269 Closes-Bug: #1592167 ** Changed in: nova Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1592167 Title: Deleted keypair causes metadata failure Status in OpenStack Compute (nova): Fix Released Status in OpenStack Compute (nova) mitaka series: Confirmed Bug description: Description =========== If a user deletes a keypair that was used to create an instance, that instance receives HTTP 400 errors when attempting to get metadata via http://169.254.169.254/openstack/latest/meta_data.json. This causes problems in the instance when cloud-init fails to retrieve the OpenStack datasource. Steps to reproduce ================== 1. Create instance with SSH keypair defined. 2. Delete SSH keypair 3. Attempt 'curl http://169.254.169.254/openstack/latest/meta_data.json' from the instance Expected result =============== Instance receives metadata from http://169.254.169.254/openstack/latest/meta_data.json Actual result ============= Instance receives HTTP 400 error. Additionally, Ubuntu Cloud Image instances will fail back to the ec2 datasource and re-generate Host SSH keys. Environment =========== Nova: 2015.1.4.2 Hypervisor: Libvirt + KVM Storage: Ceph Network: Liberty Neutron ML2+OVS Logs ==== [req-a8385839-6993-4289-96dc-1714afe82597 - - - - -] FaultWrapper error Traceback (most recent call last): File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/ec2/__init__.py", line 93, in __call__ return req.get_response(self.application) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1299, in send application, catch_exc_info=False) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1263, in call_application app_iter = application(self.environ, start_response) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__ resp = self.call_func(req, *args, **self.kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func return self.func(req, *args, **kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/ec2/__init__.py", line 105, in __call__ rv = req.get_response(self.application) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1299, in send application, catch_exc_info=False) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/request.py", line 1263, in call_application app_iter = application(self.environ, start_response) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__ resp = self.call_func(req, *args, **self.kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func return self.func(req, *args, **kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/handler.py", line 137, in __call__ data = meta_data.lookup(req.path_info) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 418, in lookup data = self.get_openstack_item(path_tokens[1:]) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 297, in get_openstack_item return self._route_configuration().handle_path(path_tokens) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 491, in handle_path return path_handler(version, path) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/api/metadata/base.py", line 316, in _metadata_as_json self.instance.key_name) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/objects/base.py", line 163, in wrapper result = fn(cls, context, *args, **kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/objects/keypair.py", line 60, in get_by_name db_keypair = db.key_pair_get(context, user_id, name) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/api.py", line 937, in key_pair_get return IMPL.key_pair_get(context, user_id, name) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/sqlalchemy/api.py", line 233, in wrapper return f(*args, **kwargs) File "/opt/cat/openstack/nova/local/lib/python2.7/site-packages/nova/db/sqlalchemy/api.py", line 2719, in key_pair_get raise exception.KeypairNotFound(user_id=user_id, name=name) KeypairNotFound: Keypair keypair_name not found for user ffffffffffffffffffffffffffffffff To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1592167/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
