[openstack-dev] [devstack] Possible issues cryptography 1.0 and os-client-config 1.6.2

Matt Riedemann mriedem at linux.vnet.ibm.com
Fri Aug 14 14:50:03 UTC 2015



On 8/13/2015 2:45 AM, Robert Collins wrote:
> tl;dr - developers running devstack probably want to be using
> USE_CONSTRAINTS=True, otherwise there may be a few rough hours today.
> [http://lists.openstack.org/pipermail/openstack-dev/2015-July/068569.html]
>
>
> Apparently some third party CI systems are seeing an issue with
> cryptography 1.0 - https://review.openstack.org/#/c/212349/ - but I
> haven't reproduced it in local experiments. We haven't seen it in the
> gate yet (according to logstash.o.o). Thats likely due to it only
> affecting devstack in that way, and constraints insulating us from it.
>
> Hopefully the cryptography thing, whatever it is, won't affect unit
> tests which are not yet using constraints (but thats being worked on
> as fast as we can!)
>
>
> There was a separate issue w/ os-client-config that blew up on 1.6.2,
> but thats been reproduced and dealt with - though the commit hasn't
> gotten through the gate yet, so its possible we'll be dealing with a
> dual-defect problem.
>
> That said, again, constraints correctly insulated devstack from the
> 1.6.2 release - we detected it when the update proposal failed, rather
> than in the gate queue, so \o/.
>
> AFAICT the os-client-config thing won't affect any unit tests.
>
> -Rob
>

This was the nova bug reported by a cinder third party CI maintainer 
last week:

https://bugs.launchpad.net/nova/+bug/1483408

They are running on CentOS 7.1 so they have different versions of 
openssl and some other packages than what we have in the gate with 
Ubuntu 14.04, I suspect that's related to why some of the third party 
systems are failing with the latest cryptography.

And it was the nova change mentioned in the bug that introduced the 
usage of that library so that's why this is relatively new.

-- 

Thanks,

Matt Riedemann




More information about the OpenStack-dev mailing list