fog-openstack

broken auth_url

Open rokroskar opened this issue 6 years ago • 16 comments

It seems that the examples/suggested configs where the openstack_auth_path is set to <host-url>/v3/auth/tokens don't work with the current version of fog. Using GitLab 11.9.12 for example, the auth url incorrectly becomes <host-url>/v3/auth/tokens/auth/tokens. GitLab appears to be using fog 1.0.8: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21788/diffs#21fb5836b499a2be648386aac055d2e069160d6c_247_246

rokroskar avatar Jun 11 '19 22:06 rokroskar

Hi @rokroskar,

I have the same issue, did you find a way to get it working?

Thanks!

I also opened https://gitlab.com/gitlab-org/gitlab/issues/208825

nsteinmetz avatar Mar 03 '20 18:03 nsteinmetz

Hi @nsteinmetz, the solution is just to strip out /auth/tokens at the end of openstack_auth_url.

Hope that helps!

rokroskar avatar Mar 03 '20 19:03 rokroskar

Seems the bug changed a bit since yours in fact.

Seems now the /v2/tokens is added automatically so I can't use a V3 endpoint whereas OVH (my openstack provider) will shut down V2 endpoint by end of the month...

nsteinmetz avatar Mar 03 '20 19:03 nsteinmetz

Surely they didn't downgrade from v3 api to v2? A silly thought but maybe worth trying - you have a / after v3 in your example in the gitlab issue - did you try it without? I.e. https://auth.cloud.ovh.net/v3 instead of https://auth.cloud.ovh.net/v3/?

rokroskar avatar Mar 03 '20 20:03 rokroskar

@rokroskar I tried indeed but forgot to mention it - and it fails too.

It leads to path => "/v3/v2.0/tokens"

nsteinmetz avatar Mar 03 '20 20:03 nsteinmetz

Hi, @nsteinmetz did you manage to find a solution? I'm having the same problem. OVH replanned the v2 shutdown to 23 June 2020... Thanks

axi avatar May 20 '20 09:05 axi

Hi @axi

I switched to S3 endpoints on OVH instead of swift for the time being.

The issue on gitlab side is in backlog but no progress for a month.

nsteinmetz avatar May 20 '20 09:05 nsteinmetz

To use the v3 authentication endpoint on OVH:

  • auth_url: https://auth.cloud.ovh.net/
  • username
  • api_key
  • project_id

If you add tenant_id the library automatically switches to token V2 (because tenant_id is a token v2 key), see here.

I have used OVH like that for several months and it works for me.

ShamoX avatar May 20 '20 10:05 ShamoX

@ShamoX thanks for the tip !

This works like a charm:

gitlab_rails['backup_upload_connection'] = {
  'provider' => 'OpenStack',
  'openstack_username' => 'XXX',
  'openstack_api_key' => 'XXX',
  'openstack_auth_url' => 'https://auth.cloud.ovh.net',
  'openstack_region' => 'XXX'
}

nsteinmetz avatar May 20 '20 11:05 nsteinmetz
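
The workarounds reported above (drop `/auth/tokens`, use the bare host, avoid tenant keys), written as a pre-flight check over a connection hash. This is an added example, not part of the thread and not fog-openstack code; `check_openstack_connection`, the sample values and the `openstack_tenant_id` key name are assumptions, and the https check is an extra beyond what the thread discusses.

```ruby
require 'uri'

# Suffixes the thread reports being joined onto again when left in the URL.
TOKEN_SUFFIX   = %r{/(?:auth/)?tokens/?\z}
VERSION_SUFFIX = %r{/v\d+(?:\.\d+)?/?\z}

# Hypothetical helper: returns [cleaned_config, warnings]; makes no network calls.
def check_openstack_connection(config)
  warnings = []
  uri = URI.parse(config.fetch('openstack_auth_url'))
  path = uri.path.to_s

  if path.match?(TOKEN_SUFFIX)
    warnings << 'auth_url ends in a token path; the library appends its own'
    path = path.sub(TOKEN_SUFFIX, '')
  end
  if path.match?(VERSION_SUFFIX)
    warnings << 'auth_url has a version segment; working configs in the thread use the bare host'
    path = path.sub(VERSION_SUFFIX, '')
  end
  unless uri.scheme == 'https'
    warnings << 'auth_url is not https; username and api_key would cross the network in clear text'
  end

  # The thread reports that a tenant key makes the library pick v2 tokens.
  tenant_keys = config.keys.select { |k| k.to_s.include?('tenant') }
  unless tenant_keys.empty?
    warnings << "tenant key(s) present (#{tenant_keys.join(', ')}); thread reports this selects v2"
  end

  uri.path = path.chomp('/')
  [config.merge('openstack_auth_url' => uri.to_s), warnings]
end

# Constructed sample input (placeholders, not a real deployment).
SAMPLE = {
  'provider' => 'OpenStack',
  'openstack_username' => 'XXX',
  'openstack_api_key' => 'XXX',
  'openstack_auth_url' => 'https://auth.cloud.ovh.net/v3/auth/tokens',
  'openstack_tenant_id' => 'XXX' # key name is an assumption
}.freeze

if __FILE__ == $PROGRAM_NAME
  cleaned, warnings = check_openstack_connection(SAMPLE)
  puts cleaned['openstack_auth_url']
  warnings.each { |w| puts "warning: #{w}" }
end
```

The tenant key is only reported, not removed, since replacing it with a project key is a decision for whoever owns the configuration.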

Thanks both @nsteinmetz & @ShamoX, it's working!

axi avatar May 20 '20 14:05 axi

Hi, I have quite the same issue even with correct settings. Might it be because v3 endpoints are not listed in the catalog?

| keystone                   | identity                | RegionOne
|                            |                         |   internal: http://myopenstack-private.com:5000/v2.0
|                            |                         | RegionOne
|                            |                         |   public: https://myopenstack:5000/v2.0
|                            |                         | RegionOne
|                            |                         |   admin: http://myopenstack-private:35357/v2.0

I can authenticate just fine:


@auth_v3 = {
        openstack_auth_url: 'https://myopenstack.com:5000',
        openstack_username: 'myuser',
        openstack_api_key: 'mypassword',
        openstack_project_name: 'myproject',
        openstack_domain_name: 'mydomain',
        openstack_endpoint_type: 'publicURL',
}

> keystone = Fog::OpenStack::Identity.new(@auth_v3)
 => #<Fog::OpenStack::Identity::V3::Real:23684020 @openstack_auth_url="https://myopenstack.com:5000" ...

> keystone.auth_token
 => "mytoken"

But then all URLs are broken:

> keystone.list_projects
Fog::OpenStack::Identity::NotFound: Expected([200]) <=> Actual(404 Not Found)
excon.error.response
  :body          => "{\"error\": {\"message\": \"The resource could not be found.\", \"code\": 404, \"title\": \"Not Found\"}}"
  :path          => "/v2.0/v3/projects"
...

> keystone.list_domains
Fog::OpenStack::Identity::NotFound: Expected([200]) <=> Actual(404 Not Found)
excon.error.response
  :body          => "{\"error\": {\"message\": \"The resource could not be found.\", \"code\": 404, \"title\": \"Not Found\"}}"
  :path          => "/v2.0/v3/domains"

achevalet avatar Jul 17 '20 16:07 achevalet

@achevalet it seems indeed that v3 endpoints are not available in your case based on what you provide. You should use a V2 auth schema then.

nsteinmetz avatar Jul 17 '20 16:07 nsteinmetz

Actually V3 is enabled but not listed in the catalog. I have to use V3, I cannot connect with V2.

achevalet avatar Jul 17 '20 16:07 achevalet

So contact your provider for more info about this I would say :)

nsteinmetz avatar Jul 17 '20 16:07 nsteinmetz

I tried, but the answer was "this is just normal and all other sdk or clients support it" :) It was actually solved by https://github.com/fog/fog-openstack/pull/268 on older versions, not sure where it breaks now. btw, I will try again to have v3 listed in the catalog..

achevalet avatar Jul 17 '20 16:07 achevalet

To avoid using v2 endpoints, it looks like I need to enter the else here even though the catalog is not empty. Could we force @openstack_management_url = @openstack_auth_url when we have authenticated with v3 and the endpoints returned are v2?

achevalet avatar Jul 17 '20 18:07 achevalet