Public bug reported:
It may be https://bugs.launchpad.net/nova/+bug/1454901 resurfacing
again..
Symptoms using fresh DevStack/master:
I follow the docs
https://docs.openstack.org/nova/latest/user/launch-instance-using-ISO-image.html
and using tinycore iso for testing http://tinycorelinux.net/ (
Public bug reported:
Effectively adding this extra spec to use the 'granular resource
request' feature of placement also requires that all the computes such
flavor attempts to target are added into an aggregate with the metadata
'group_policy' set and equal to 'none' or 'isolate'.
We either have
** Changed in: nova
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1889655
Title:
removeSecurityGroup action returns 500 when
Public bug reported:
Discovered in a environment that was configured with
[libvirt]
images_type = raw
only, the other relevant options were at their defaults (use_cow_images
= True, force_raw_images = False).
Symptom - the instances were non-responsive and non running after cold
migration (e.g
Public bug reported:
The reason seems to be this line
https://opendev.org/openstack/nova/src/commit/ba9d4c909beff4e9ab86911a35dd5db8d8ce08d6/nova/compute/api.py#L6646
nodes = objects.ComputeNodeList.get_all_by_host(context, host_name)
node_name = nodes[0].hypervisor_hostname
Whi
ostics call is admin-only, this is probably not worth worrying.
** Affects: nova
Importance: Undecided
Assignee: Pavlo Shchelokovskyy (pshchelo)
Status: New
** Changed in: nova
Assignee: (unassigned) => Pavlo Shchelokovskyy (pshchelo)
--
You received this bug notification
** Also affects: oslo.cache
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1578401
Title:
tokens in memcache have no/imp
Closing this as invalid - setting authorization_ttl for the IdP in
Keystone (or default_authorization_ttl in config) allows the appcreds to
be created and work for this amount of time after the federated user has
logged in.
May be not ideal for some applications, but clearly security
consideration
Public bug reported:
Tested on devstack/master + SAML2 and victoria + OpenIDConnect.
Setup on devstack + SAML:
- install devstack as per keystone-dsvm-py3-functional-federation-ubuntu-focal
job
- run the test
keystone_tempest_plugin.tests.scenario.test_federated_authentication.TestSaml2Federate
Public bug reported:
When attaching PCI devices to the instance (e.g. via PCI passthru), the
final order and addresses of devices as seen from inside the instance
can change between reboots:
E.g. these are the snippets from qemu command line args as seen thru
`ps`:
-device vfio-pci,host=5e:00.1,
Public bug reported:
This is very similar to https://bugs.launchpad.net/nova/+bug/1944759
(which should be fixed already) but still happens when resizing to the
same host.
reproduction:
fresh single node devstack/master (Nova commit
b5029890c1c5b1b5153c9ca2fc9a8ea2437f635d)
in nova-cpu.conf I s
Public bug reported:
This looks like aftermath of fixing
https://bugs.launchpad.net/neutron/+bug/1928466
According to docs https://docs.openstack.org/api-
ref/network/v2/?expanded=create-port-detail#create-port the ip_address
in allowed_address_pairs of a port can be a CIDR.
Change https://revie
some network info about instances.
After the cache is invalidated, the catalog starts to be generated for
token validation response anew, and everything starts to work as
expected.
** Affects: keystone
Importance: Undecided
Assignee: Pavlo Shchelokovskyy (pshchelo)
Status: In
c8395eb459f5a93/keystone/identity/core.py#L1106-L1108
Instead I think this check and removal of domain hints should be done later,
immediately before the actual identity driver (which may be domain unaware) is
called
in "_handle_shadow_and_local_users" method
https://opendev.org/opensta
2dcfdcc365733161cac/nova/network/security_group_api.py#L611-L618
vs `remove_from_instance`
https://opendev.org/openstack/nova/src/commit/2f3a380c3c081fb022c8a2dcfdcc365733161cac/nova/network/security_group_api.py#L674-L679
the latter does not handle NeutronClientNoUniqueMatch exception
** Affec
Public bug reported:
When configured with LVM local storage for ephemeral partitions, Nova performs
wiping operation using `shred` before removing volume once a VM is deleted.
`shred` consumes a lot of CPU and almost all disk bandwidth (even on SSDs)
which drastically affects the performance of
Public bug reported:
Heat's bug: https://storyboard.openstack.org/#!/story/2005210
Heat creates service users in its dedicated domain on the fly. These are
crucial in situations that require deferred authentications, for example
autoscaling.
There's a password_regex option in [security_complianc
Public bug reported:
Heat's bug: https://storyboard.openstack.org/#!/story/2005210
Heat creates service users in its dedicated domain on the fly. These are
crucial in situations that require deferred authentications, for example
autoscaling.
While it is currently possible to ignore some settings
I believe we can close this, fix to glanceclient was merged >1y ago.
** Changed in: glance
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1697163
"openstack domain
list" takes up to 7 seconds and login to the Horizon - up to 20 seconds.
Additionally filtering the corresponding query in
get_domain_mapping_list method by entity_type speeds up things somewhat.
** Affects: keystone
Importance: Undecided
Assignee: Pavlo Shch
Public bug reported:
Change https://review.openstack.org/#/c/559438/ (related bug 1755874)
introduced concept of locking user password from changing via self
service in Keystone V3 API.
Horizon should implement support for changing this user option too.
Sibling story for python-openstackclient
h
Public bug reported:
While fixing bug 1641645 the solution was to 'unprotect' the
v3/users/{id}/password endpoint.
However some deployments that were using Keystone v2 and are migrating
to v3 use ability to block users from changing their passwords (via
edited policy in policy.json), and are now
is not reproduced on master, most probably you have an older OpenStack
version (Pike?)
on recent devstack:
$ curl https://192.168.100.11/placement
{"versions": [{"min_version": "1.0", "max_version": "1.17", "id":
"v1.0"}]}
** Changed in: nova
Status: New => Invalid
--
You received this
uld be treated as proper date.
** Affects: horizon
Importance: Undecided
Assignee: Pavlo Shchelokovskyy (pshchelo)
Status: In Progress
** Changed in: horizon
Assignee: (unassigned) => Pavlo Shchelokovskyy (pshchelo)
--
You received this bug notification because you ar
: Pavlo Shchelokovskyy (pshchelo)
Status: In Progress
** Tags: ironic scheduler
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1711184
Title:
scheduler selects
Public bug reported:
logstash query (>70 hits for last 7 days)
http://logstash.openstack.org/#dashboard/file/logstash.json?query=message%3A%5C%22NotFound%3A%20Basic.publish%3A%20(404)%20NOT_FOUND%20-%20no%20exchange%20'q-agent-notifier-port-'%5C%22%20AND%20build_status%3AFAILURE
example of the fa
Lucas,
I was using the agent_ipmitool driver in Ironic, and ubuntu images.
Anyway, I can no longer reproduce this bug on latest master, so please close as
invalid. Feel free to reopen if it resurfaces.
** Changed in: ironic
Status: Incomplete => Invalid
** Changed in: nova
Statu
Public bug reported:
Using fresh master of DevStack, I can not deploy partition images to
Ironic nodes via Nova.
I have two images in Glance - kernel image and partition image with
kernel_id property set.
I have configured Ironic nodes and nova flavor with capabilities:
"boot_option: local" as d
Public bug reported:
this is on latest devstack master and might be related to bug 1572472
Reproduce
1. deploy Ironic+Nova in DevStack as usual, 3 VMs x 1cpu,1024MB RAM,10GB disk
posing as Ironic nodes
ironic node-list
+--++---+---
properly converted to oslo objects before
generating config.
** Affects: nova
Importance: Undecided
Assignee: Pavlo Shchelokovskyy (pshchelo)
Status: In Progress
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to
Public bug reported:
When booting a nova instance with baremetal flavor, one can not provide
a pre-created neutron port to "nova boot" command.
The reason is obvious - to successfully deploy, mac address of the port
must be the same as mac address of the ironic port corresponding to the
ironic no
** Also affects: heat
Importance: Undecided
Status: New
** Changed in: heat
Importance: Undecided => Low
** Changed in: heat
Assignee: (unassigned) => Pavlo Shchelokovskyy (pshchelo)
--
You received this bug notification because you are a member of Yahoo!
Engineerin
Public bug reported:
Using fresh master of devstack and fresh masters of all services.
When I try to login into the Dashboard, I do not leave the login page
(as if nothing happened, no error displayed). Strangely the screen log
for horizon service in devstack displays
[Wed Jun 18 10:09:46.533780
Public bug reported:
Steps to reproduce:
- launch a stack by any means (CLI or via Dashboard)
- go to Orchestration -> Stacks -> Resources -> click on any resource
- the resource page is displaying a resource UUID as a link
Expected:
this link must lead to the actual resource page in the other OS
34 matches
Mail list logo