Thanks François for your reply, Have you seen the original authentication error during the running Le jeu. 19 sept. 2019 à 15:22, Francois Scheurer < francois.scheurer@everyware.ch> a écrit :
Hello Hervé
I tried again, this time defining explictitly all parameters, including action_region and snapshot_id.
The results were same as previously: it works when executing the workflow directly but fails with a cron trigger.
Or to be more precise, the cron trigger execution "succeeds" but the resulting volume backup fails :
Thanks François for your reply, Have you seen the original authentication error during this execution? If not then I guess you missed some params during your first tries which introduced the authentication issue. I guess then that the volume backup fails is another issue, not related to the first authentication issue...
(.venv) ewfsc@ewos1-kolla1-stage:~$ openstack volume backup show -f json abe96cb1-a5e1-4035-87dd-b4292101a921 { "status": "error", "object_count": 0, "fail_reason": "Container PUT failed: http://rgw.service.stage.i.ewcs.ch/swift/v1/AUTH_aeac4b07d8b144178c43c65f29f... 401 Unauthorized AccessDenied", "description": null, "name": "fsc-vol-1-img-vol-bak", "availability_zone": "ch-zh1-az1", "created_at": "2019-09-19T13:15:02.000000", "volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691", "updated_at": "2019-09-19T13:15:04.000000", "data_timestamp": "2019-09-19T12:38:02.000000", "has_dependent_backups": false, "snapshot_id": "b4b174eb-e6d2-4f66-8070-212e3e7e6114", "container": "volumebackups", "size": 1, "id": "abe96cb1-a5e1-4035-87dd-b4292101a921", "is_incremental": false }
Best Regards
Francois
Details:
Workflow --- version: "2.0" create_vol_backup: type: direct input: - volume_id - container - name - incremental - force - action_region - snapshot_id
tasks: create_vol_backup: action: cinder.backups_create volume_id=<% $.volume_id %> name=<% $.name %> container=<% $.container %> incremental=<% $.incremental %> force=<% $.force %> action_region=<% $.action_region%> snapshot_id=<% $.snapshot_id %> publish: backup_id: <% task(create_vol_backup).result %> create_state: SUCCESS publish-on-error: create_state: ERROR
Input { "volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691", "container": "volumebackups", "name": "fsc-vol-1-img-vol-bak", "incremental": "false", "force": "true", "action_region": "ch-zh1", "snapshot_id": "b4b174eb-e6d2-4f66-8070-212e3e7e6114" }
Params { "namespace": "", "env": {}, "task_name": "create_vol_backup_task" }
On 9/19/19 2:28 PM, Francois Scheurer wrote:
Hi Herve
Thank you for your reply.
I am using the same input & params as when executing the workflow directly from horizon (successfully):
{ "incremental": "false", "force": "true", "name": "fsc-create-vol-backup", "volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691" }
{ "namespace": "", "env": {}, "task_name": "create_vol_backup_task" }
Maybe I need some additional params when executing via cron?
I will try specfying the objectstore container explicitly.
Best Regards
Francois
On 9/19/19 1:18 PM, Herve Beraud wrote:
Hello François,
Given your error, are you sure your cron task load the right config with the right authorized user or something related?
Le jeu. 19 sept. 2019 à 11:51, Francois Scheurer < francois.scheurer@everyware.ch> a écrit :
Dear All
We are using Mistral with Openstack Rocky. (with federated users) We could then use cron triggers for instance with nova.servers_create_image or cinder.volume_snapshots_create with success.
But we hit an issue with cinder.backups_create .
This call will stores the backup on our swift backend (ceph rgw). The workflow works when executed directly but it fails when executed via cron trigger:
2019-09-17 10:46:04.525 8 ERROR oslo_messaging.rpc.server ClientException: Container PUT failed:
http://rgw.service.stage.i.ewcs.ch/swift/v1/AUTH_aeac4b07d8b144178c43c65f29f... 401 Unauthorized AccessDenied
See details below.
Cheers
Francois
--
EveryWare AG François Scheurer Senior Systems Engineer Zurlindenstrasse 52a CH-8003 Zürich
tel: +41 44 466 60 00 fax: +41 44 466 60 10 mail: francois.scheurer@everyware.ch web: http://www.everyware.ch
-- Hervé Beraud Senior Software Engineer Red Hat - Openstack Oslo irc: hberaud -----BEGIN PGP SIGNATURE----- wsFcBAABCAAQBQJb4AwCCRAHwXRBNkGNegAALSkQAHrotwCiL3VMwDR0vcja10Q+ Kf31yCutl5bAlS7tOKpPQ9XN4oC0ZSThyNNFVrg8ail0SczHXsC4rOrsPblgGRN+ RQLoCm2eO1AkB0ubCYLaq0XqSaO+Uk81QxAPkyPCEGT6SRxXr2lhADK0T86kBnMP F8RvGolu3EFjlqCVgeOZaR51PqwUlEhZXZuuNKrWZXg/oRiY4811GmnvzmUhgK5G 5+f8mUg74hfjDbR2VhjTeaLKp0PhskjOIKY3vqHXofLuaqFDD+WrAy/NgDGvN22g glGfj472T3xyHnUzM8ILgAGSghfzZF5Skj2qEeci9cB6K3Hm3osj+PbvfsXE/7Kw m/xtm+FjnaywZEv54uCmVIzQsRIm1qJscu20Qw6Q0UiPpDFqD7O6tWSRKdX11UTZ hwVQTMh9AKQDBEh2W9nnFi9kzSSNu4OQ1dRMcYHWfd9BEkccezxHwUM4Xyov5Fe0 qnbfzTB1tYkjU78loMWFaLa00ftSxP/DtQ//iYVyfVNfcCwfDszXLOqlkvGmY1/Y F1ON0ONekDZkGJsDoS6QdiUSn8RZ2mHArGEWMV00EV5DCIbCXRvywXV43ckx8Z+3 B8qUJhBqJ8RS2F+vTs3DTaXqcktgJ4UkhYC2c1gImcPRyGrK9VY0sCT+1iA+wp/O v6rDpkeNksZ9fFSyoY2o =ECSj -----END PGP SIGNATURE-----