[
https://issues.apache.org/jira/browse/WHIRR-249?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13040155#comment-13040155
]
Andrei Savu commented on WHIRR-249:
-----------------------------------
I've also discovered a bug in jclouds. If I specify an empty description when
creating a new security group the call signature is wrong.
For the following call:
{code}
ec2Client.getSecurityGroupServices()
.createSecurityGroupInRegion(REGION, groupName, "");
{code}
I get this exception:
{noformat}
-------------------------------------------------------------------------------
Test set: org.apache.whirr.service.jclouds.integration.FirewallSettingsTest
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 4.905 sec <<<
FAILURE!
testFirewallAuthorizationIsIdempotent(org.apache.whirr.service.jclouds.integration.FirewallSettingsTest)
Time elapsed: 1.035 sec <<< ERROR!
org.jclouds.rest.AuthorizationException: The request signature we calculated
does not match the signature you provided. Check your AWS Secret Access Key and
signing method. Consult the service documentation for details.
at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.refineException(ParseAWSErrorFromXmlContent.java:114)
at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:85)
at
org.jclouds.http.handlers.DelegatingErrorHandler.handleError(DelegatingErrorHandler.java:69)
at
org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.shouldContinue(BaseHttpCommandExecutorService.java:200)
at
org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:165)
at
org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:134)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.jclouds.http.HttpResponseException: command: POST
https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 failed with response: HTTP/1.1
403 Forbidden; content: [The request signature we calculated does not match the
signature you provided. Check your AWS Secret Access Key and signing method.
Consult the service documentation for details.]
at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:74)
... 9 more
{noformat}
> Firewall authorization should be idempotent
> -------------------------------------------
>
> Key: WHIRR-249
> URL: https://issues.apache.org/jira/browse/WHIRR-249
> Project: Whirr
> Issue Type: Bug
> Reporter: Tom White
> Fix For: 0.6.0
>
> Attachments: WHIRR-249.patch
>
>
> Sometimes firewall rules are left over from a previous cluster that wasn't
> shut down properly, leading to cluster launch failure. This can be fixed by
> making FirewallSettings.authorizeIngress idempotent.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
