Ask Your Question
1

Juno Sahara Spark 1.0.0 Security Group Error

asked 2014-12-03 18:10:28 -0500

Nastooh gravatar image

updated 2014-12-03 22:57:15 -0500

Hi
Having problem with security groups, when either defining "Node Group Templates" or instantiating a cluster. In the first case, if I use an existing group, say "default", gui shows an error stating "Error Security group '2' not found". Sahara log file indicates the same thing:

   2014-12-03 23:41:24.144 30234 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): cloudctrl1.maas17
    2014-12-03 23:41:24.146 30234 DEBUG urllib3.connectionpool [-] Setting read timeout to None _make_request /usr/lib/python2.7/dist-packages/urllib3/connectionpool.py:375
    2014-12-03 23:41:24.163 30234 DEBUG urllib3.connectionpool [-] "GET /v2/926c31c887f441f6a4e4b8031b8cc528/os-security-groups HTTP/1.1" 200 682 _make_request /usr/lib/python2.7/dist-packages/urllib3/connectionpool.py:415
    2014-12-03 23:41:24.165 30234 DEBUG sahara.utils.api [-] Validation Error occurred: error_code=400, error_message=Security group '2' not found, error_name=INVALID_REFERENCE bad_request /usr/local/lib/python2.7/dist-packages/sahara/utils/api.py:245
    2014-12-03 23:41:24.165 30234 INFO sahara.cli.sahara_all [-] 10.0.0.86 - - [03/Dec/2014 23:41:24] "POST /v1.1/926c31c887f441f6a4e4b8031b8cc528/node-group-templates HTTP/1.1" 400 221 0.063121
    2014-12-03 23:41:24.257 30234 DEBUG keystonemiddleware.auth_token [-] Authenticating user token __call__ /usr/lib/python2.7/dist-packages/keystonemiddleware/auth_token.py:650
    2014-12-03 23:41:24.258 30234 DEBUG keystonemiddleware.auth_token [-] Removing headers from request environment: X-Identity-Status,X-Domain-Id,X-Domain-Name,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-User-Id,X-User-Name,X-User-Domain-Id,X-User-Domain-Name,X-Roles,X-Service-Catalog,X-User,X-Tenant-Id,X-Tenant-Name,X-Tenant,X-Role _remove_auth_headers /usr/lib/python2.7/dist-packages/keystonemiddleware/auth_token.py:707

I can, temporarily, avoid the problem by selecting "Auto Security Group" option. This would allow for a node group to be created; however, I do not see any new security group, under Compute -> Access & Security. At any rate, this also fails during cluster instantiation:

2014-12-03 23:55:06.285 30234 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): cloudctrl1.maas17
2014-12-03 23:55:06.286 30234 DEBUG urllib3.connectionpool [-] Setting read timeout to None _make_request /usr/lib/python2.7/dist-packages/urllib3/connectionpool.py:375
2014-12-03 23:55:06.409 30234 DEBUG urllib3.connectionpool [-] "POST /v2/926c31c887f441f6a4e4b8031b8cc528/servers HTTP/1.1" 400 116 _make_request /usr/lib/python2.7/dist-packages/urllib3/connectionpool.py:415
2014-12-03 23:55:06.451 30234 ERROR sahara.service.ops [-] Error during operating cluster 'Sprk265' (reason: Security group 6 not found for project 926c31c887f441f6a4e4b8031b8cc528. (HTTP 400))
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops Traceback (most recent call last):
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops   File "/usr/local/lib/python2.7/dist-packages/sahara/service/ops.py", line 113, in wrapper
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops     f(cluster_id, *args, **kwds)
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops   File "/usr/local/lib/python2.7/dist-packages/sahara/service/ops.py", line 198, in _provision_cluster
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops     INFRA.create_cluster(cluster)
2014-12-03 23:55:06.451 30234 TRACE sahara.service.ops   File "/usr/local/lib/python2.7/dist-packages/sahara/service/direct_engine.py", line 51, in create_cluster ...
(more)
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2014-12-08 04:35:26 -0500

i_like_pie gravatar image

updated 2014-12-09 02:42:56 -0500

Hello,

We ran into the exact same problem. I'm not sure if there is an official solution, but this is what I did to get around this problem: It seems that the checkboxes where you select the security group have key/value pairs that are id/name. It saves the id into the template as an integer. However during validation and cluster creation a string value is expected instead, e.g. in the validation function there is a set allowed_values = ("1", "default"), and the validated value is 1 (and 1 != "1").

I looked around the dashboard files and found where this data was saved, and did a small change that seems to have worked. Under /openstack_dashboard/dashboards/project/data_processing/nodegroup_templates/workflows/create.py:113 modify

 security_group_list = [(sg.id, sg.name) for sg in groups]

to

 security_group_list = [(sg.name, sg.name) for sg in groups]

This is just a hack (I'm not familiar enough with horizon to properly fix that), so if you manage to find a proper solution please share it.

edit flag offensive delete link more

Comments

Thank you for sharing you solution. I can confirm that it is working and opened a bug report https://bugs.launchpad.net/horizon/+b...

Nastooh gravatar imageNastooh ( 2014-12-08 14:48:35 -0500 )edit
alazarev gravatar imagealazarev ( 2014-12-08 15:39:33 -0500 )edit
0

answered 2014-12-08 15:57:08 -0500

alazarev gravatar image

This is exactly https://bugs.launchpad.net/sahara/+bu... . The fix is already in master and backported to juno.

edit flag offensive delete link more

Comments

Hello, this correction is not valid! Please see my comment on the bugtracker.

i_like_pie gravatar imagei_like_pie ( 2014-12-09 02:35:05 -0500 )edit

Agreed. Problem persists during cluster instantiation. (See logs in bug tracker.)

Nastooh gravatar imageNastooh ( 2014-12-09 09:20:20 -0500 )edit
alazarev gravatar imagealazarev ( 2014-12-09 12:47:00 -0500 )edit

Would "pip install sahara --upgrade" get the latest fix? (Tried it yesterday and didn't seem to make a difference.)

Nastooh gravatar imageNastooh ( 2014-12-09 13:18:45 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-12-03 18:10:28 -0500

Seen: 422 times

Last updated: Dec 09 '14