[swift][OpenStackSDK][keystone] Warnings about (my) swift endpoint URL by keystoneauth1 discovery

Christian Rohmann christian.rohmann at inovex.de
Thu Aug 3 15:09:29 UTC 2023 

Hey openstack-discuss,

we use Ceph RadosGW (Quincy release) to provide Swift as part of an 
OpenStack cloud.
The endpoints are configured as such:

> # openstack endpoint list
> +----------------------------------+--------+--------------+----------------+---------+-----------+----------------------------------------------------------------------+
> | ID                               | Region | Service Name | Service 
> Type   | Enabled | Interface | URL |
> +----------------------------------+--------+--------------+----------------+---------+-----------+----------------------------------------------------------------------+
> | 1234567890 | region    | swift        | object-store   | True    | 
> public    | 
> https://object-store.region.cloud.example.com/swift/v1/AUTH_%(tenant_id)s 
> |
> | 2345678901 | region    | swift        | object-store   | True    | 
> internal  | 
> https://object-store.region.cloud.example.com/swift/v1/AUTH_%(tenant_id)s 
> |
> | 3456789012 | region    | swift        | object-store   | True    | 
> admin     | 
> https://object-store.region.cloud.example.com/swift/v1/AUTH_%(tenant_id)s 
> |
>
so according to 
https://docs.ceph.com/en/latest/radosgw/keystone/#cross-project-tenant-access, 
if I am not mistaken.

I can also use the openstack client to access containers:

> # openstack container list
> +---------------+
> | Name          |
> +---------------+
> | containera   |
> | containerb |
> +---------------+

and there is no warnings or other apparent issues.


But when using "project cleanup" via e.g. "openstack project cleanup 
--dry-run --project $PROJECT" I see multiple warnings like

> Failed to contact the endpoint at 
> https://object-store.region.cloud.example.com/swift/v1/AUTH_f2bc4bd34567ddc341e197456789 
> for discovery. Fallback to using that endpoint as the base url.
>
but only mentioning the swift endpoint.

Following the warning string this originates from the discovery method 
of keystoneauth1, see 
https://github.com/openstack/keystoneauth/blob/28048af9593740315df8d9027c3bd6cae5e0a715/keystoneauth1/discover.py#L1243.


Could anybody help me understand what is issue might be? Why does this 
warning not appear for every use of object storage / swift via 
openstackclient?
Is there any way for me to "fix" this? Could this even be a bug?



Thanks and with kind regards


Christian

More information about the openstack-discuss mailing list