Hello Hervé
I tried again, this time defining explictitly all parameters, including action_region and snapshot_id.
The results were same as previously: it works when executing the workflow directly but fails with a cron trigger.
Or to be more precise, the cron trigger execution "succeeds" but the resulting volume backup fails :
(.venv) ewfsc@ewos1-kolla1-stage:~$ openstack volume backup show
-f json abe96cb1-a5e1-4035-87dd-b4292101a921
{
"status": "error",
"object_count": 0,
"fail_reason": "Container PUT failed:
http://rgw.service.stage.i.ewcs.ch/swift/v1/AUTH_aeac4b07d8b144178c43c65f29fa9dac/volumebackups
401 Unauthorized AccessDenied",
"description": null,
"name": "fsc-vol-1-img-vol-bak",
"availability_zone": "ch-zh1-az1",
"created_at": "2019-09-19T13:15:02.000000",
"volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691",
"updated_at": "2019-09-19T13:15:04.000000",
"data_timestamp": "2019-09-19T12:38:02.000000",
"has_dependent_backups": false,
"snapshot_id": "b4b174eb-e6d2-4f66-8070-212e3e7e6114",
"container": "volumebackups",
"size": 1,
"id": "abe96cb1-a5e1-4035-87dd-b4292101a921",
"is_incremental": false
}
Best Regards
Francois
Details:
Workflow
---
version: "2.0"
create_vol_backup:
type: direct
input:
- volume_id
- container
- name
- incremental
- force
- action_region
- snapshot_id
tasks:
create_vol_backup:
action: cinder.backups_create volume_id=<%
$.volume_id %> name=<% $.name %> container=<%
$.container %> incremental=<% $.incremental %>
force=<% $.force %> action_region=<% $.action_region%>
snapshot_id=<% $.snapshot_id %>
publish:
backup_id: <% task(create_vol_backup).result %>
create_state: SUCCESS
publish-on-error:
create_state: ERROR
Input
{
"volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691",
"container": "volumebackups",
"name": "fsc-vol-1-img-vol-bak",
"incremental": "false",
"force": "true",
"action_region": "ch-zh1",
"snapshot_id": "b4b174eb-e6d2-4f66-8070-212e3e7e6114"
}
Params
{
"namespace": "",
"env": {},
"task_name": "create_vol_backup_task"
}
Hi Herve
Thank you for your reply.
I am using the same input & params as when executing the workflow directly from horizon (successfully):
{
"incremental": "false",
"force": "true",
"name": "fsc-create-vol-backup",
"volume_id": "c0022411-59a4-4c7c-9474-c7ea8ccc7691"
}
{
"namespace": "",
"env": {},
"task_name": "create_vol_backup_task"
}
Maybe I need some additional params when executing via cron?
I will try specfying the objectstore container explicitly.
Best Regards
Francois
On 9/19/19 1:18 PM, Herve Beraud wrote:
Hello François,
Given your error, are you sure your cron task load the right config with the right authorized user or something related?
Le jeu. 19 sept. 2019 à 11:51, Francois Scheurer <francois.scheurer@everyware.ch> a écrit :
Dear All
We are using Mistral with Openstack Rocky. (with federated users)
We could then use cron triggers for instance with
nova.servers_create_image or cinder.volume_snapshots_create with success.
But we hit an issue with cinder.backups_create .
This call will stores the backup on our swift backend (ceph rgw).
The workflow works when executed directly but it fails when executed via
cron trigger:
2019-09-17 10:46:04.525 8 ERROR oslo_messaging.rpc.server
ClientException: Container PUT failed:
http://rgw.service.stage.i.ewcs.ch/swift/v1/AUTH_aeac4b07d8b144178c43c65f29fa9dac/volumebackups
401 Unauthorized AccessDenied
See details below.
Cheers
Francois
-- EveryWare AG François Scheurer Senior Systems Engineer Zurlindenstrasse 52a CH-8003 Zürich tel: +41 44 466 60 00 fax: +41 44 466 60 10 mail: francois.scheurer@everyware.ch web: http://www.everyware.ch