Public bug reported: The Neutron metadata agent listens on a unix domain socket for requests coming from Neutron metadata proxies. This communication is done via the HTTP protocol. When the Neutron Server is configured to use SSL the use_ssl flag in Neutron will be set to True. As it turns out, this also affects the Neutron metadata agent.
We use OpenStack Liberty on Ubuntu 14.04 using cloud archive packages. To reproduce: Enable SSL in neutron.conf: use_ssl = True ssl_cert_file = /etc/neutron/ssl/cert.crt ssl_key_file = /etc/neutron/ssl/cert.key Do a request to the Neutron metadata proxy socket: echo 'GET /' | socat - UNIX-CONNECT:/var/lib/neutron/metadata_proxy Expected behaviour: Should return a HTTP 500 error, because of missing headers. Actual behaviour: Connection is immediately clossed. Workaround: Set 'use_ssl = False' in metadata_agent.ini. ** Affects: neutron Importance: Undecided Status: New ** Tags: neutron-metadata-agent -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1536258 Title: Metadata agent fails when use_ssl is set to True in neutron.conf Status in neutron: New Bug description: The Neutron metadata agent listens on a unix domain socket for requests coming from Neutron metadata proxies. This communication is done via the HTTP protocol. When the Neutron Server is configured to use SSL the use_ssl flag in Neutron will be set to True. As it turns out, this also affects the Neutron metadata agent. We use OpenStack Liberty on Ubuntu 14.04 using cloud archive packages. To reproduce: Enable SSL in neutron.conf: use_ssl = True ssl_cert_file = /etc/neutron/ssl/cert.crt ssl_key_file = /etc/neutron/ssl/cert.key Do a request to the Neutron metadata proxy socket: echo 'GET /' | socat - UNIX-CONNECT:/var/lib/neutron/metadata_proxy Expected behaviour: Should return a HTTP 500 error, because of missing headers. Actual behaviour: Connection is immediately clossed. Workaround: Set 'use_ssl = False' in metadata_agent.ini. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1536258/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp