Public bug reported:
Description
===
I'm using backy2 to back up instance images. For the sake of incremental
backups, we keep a pending last-backed-up snapshot associated with each
instance at all times.
When an instance is deleted, the rbd delete call fails silently and
leaves both
Public bug reported:
I'm hoping that my cloud will soon be able to adopt the new default
scoped role model documented at
https://docs.openstack.org/keystone/latest/admin/service-api-
protection.html
That document is good about detailing which roles can read and view
existing role assignments,
Public bug reported:
As we move towards having 'reader' roles in nova, we can get into some
interesting situations where a user can see a resource but not use it.
Today I have a case where I've added a private flavor to projects A and
B, created a VM in project B, and then removed the flavor
Public bug reported:
I use jinja templating for vendor data; it works with my .deb packaged
version of cloud-init, 20.2-2~deb10u1
Testing with the latest git checkout, I see a json parser chocking on
curly braces. That suggests that it's skipping the jinja rendering
step, or trying to run it
Public bug reported:
If I'm in the process of using Horizon and my keystone token expires,
Horizon keeps on 'working.' Anything that involves an API call fails,
and I get an error notice about the failure, but the frames keep loading
and display a patchwork of information (depending on what may
Public bug reported:
requirements.txt contains these lines:
Django<2,>=1.11;python_version<'3.0' # BSD
Django<2.1,>=1.11;python_version>='3.0' # BSD
First of all, it seems weird that there are two conflicting lines for
the same package. But, I'm seeing a more serious issue. Throughout
Public bug reported:
The Horizon image panel provides a 'Launch' button to create a server
from a given image.
The django code for this button has correct policy checks; the Angular
code has none. That means that the 'Launch' button displays even if the
user is not permitted to launch
Public bug reported:
I recently had some bad experiences running nova-compute on a linux
4.4-series kernel. Specifically, the security-group code properly
configured IPtables but the actual rules were completely bypassed --
EVERY port on EVERY instance was open to the outside world.
This is
Public bug reported:
I have a project with 130+ instances in it. When I set a 'source group'
security rule in that project, the rule is never applied on the compute nodes.
nova-compute logs include timeout warnings like the one pasted below.
This timeout only happens in 'big' cases. If I add
Public bug reported:
I have recently upgraded my cluster to Liberty for all projects. Now,
when I create new instances, I frequently get an incorrect quota warning
from the instance creation workflow, despite having plenty of available
quota:
"The requested instance cannot be launched as you
Public bug reported:
My long-standing Nova installation has the following columns in the
security_groups table:
+-+--+--+-+-++
| Field | Type | Null | Key | Default | Extra |
Public bug reported:
I use qcow images and have disk_allocation_ratio == 2.1 to allow large
amounts of overcommitting of disk space. To quote the nova config
reference:
> If the value is set to >1, we recommend keeping track of the free disk
> space, as the value approaching 0 may result in
Public bug reported:
The 'openstack' cli tool defaults to keystone version 2.0. When pointed
to a v3 endpoint, it fails like this:
$ openstack service list
ERROR: openstack
This can easily be resolved by setting OS_IDENTITY_API_VERSION=3 --
that's not obvious from the error message, though,
Public bug reported:
I'm a member of several dozen projects -- more than can fit in a single
screen's worth of drop-down. Right now I'm trying to view the VMs in a
project called 'testlabs.'
- When I click on the 'project' drop-down up top, it displays the first 20 or
so projects, and then a
Public bug reported:
Security groups and rules worked fine in Juno, but ever since my upgrade
to Kilo I'm unable to delete rules.
andrew@labcontrol1001:~$ nova secgroup-delete-rule default tcp 666 666
10.0.0.0/8
+-+---+-++--+
| IP Protocol |
Public bug reported:
As per
https://www.mail-
archive.com/search?l=openst...@lists.openstack.orgq=subject:%22Re\%3A+\[Openstack\]+How+should+an+instance+learn+what+tenant+it+is+in\%3F%22o=newest
It's weirdly hard for an instance to learn what project it's in. Let's
just add project_id to
Public bug reported:
I frequently update the base Trusty images available to my users. After
I do that, I want to discourage them from creating new servers based on
the old images.
If I remove the old images entirely or make them private, Horizon shows
servers as having type 'unknown.' I'd
Public bug reported:
As of Icehouse, at least, keystone doesn't ever clean up expired tokens.
After a few years, my keystone ridiculously huge, causing query timeouts
and such.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because
18 matches
Mail list logo
