** Description changed: When the swift backend store is in use, with the keystone auth strategy enabled, and delayed_delete configured false, image deletion in glance leads to the corresponding swift object being leaked. This results from the attempted object deletion in glance/store/swift.py failing silently with: - Auth GET failed: http://keystone_host:5000/tokens 404 Not Found + Auth GET failed: http://keystone_host:5000/tokens 404 Not Found The root cause is that the auth url associated with the swift connection used for deletion is missing a trailing forward slash. + + Ubuntu SRU Justification + ------------------------- + [Impact] + When Glance is configured to use Swift as a backend store and when Keystone authentication is enabled, requests are sent to the Keystone Auth URL without a trailing slash. This results in 404s from the Keystone API server, causing authentication requests in Glance's swift client middleware to fail. The original report cites situations where image deletion silently fails, though others report this completely breaks Swift+Glance integration. + + [Development Fix] + This issue has been fixed since the release of Essex and has been released in the first Openstack Folsom milestone (f1) https://review.openstack.org/6480 + + [Stable Fix] + The fix has been backported upstream to the stable/essex branch. Cherry picking the commit and applying it to the Essex/12.04 packaging should be enough to fix the issue. http://bazaar.launchpad.net/~gandelman-a/ubuntu/precise/glance/sru_979745/revision/52 + + [Test Case] + Configure glance to use Swift as a backing store with Keystone authentication. Uploading, deleting and getting images should result in 404s from Keystone for requests to the configured auth URL. + + [Regression Potential] + Minimal. The patch simply formats the keystone URL appropriately within Glance's swift client code. This code path is not hit unless the glance server is configured to use a Keystone-authenticated Swift backend.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/979745 Title: with keystone auth, image objects left behind in swift post-deletion To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/979745/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
