[openstack-dev] [api][nova] Openstack HTTP error codes
John Dickinson
me at not.mn
Thu Jan 29 17:56:29 UTC 2015
If you're going to make up your own extensions[1] to HTTP, why don't you use ones that are already used?
http://support.microsoft.com/kb/943891
[1] ok, what's proposed isn't technically an "extension", it's response body context for the response code. But response bodies are hard to modify when you're dealing with APIs that aren't control-plane APIs.
--John
> On Jan 29, 2015, at 9:41 AM, Sean Dague <sean at dague.net> wrote:
>
> Correct. This actually came up at the Nova mid cycle in a side
> conversation with Ironic and Neutron folks.
>
> HTTP error codes are not sufficiently granular to describe what happens
> when a REST service goes wrong, especially if it goes wrong in a way
> that would let the client do something other than blindly try the same
> request, or fail.
>
> Having a standard json error payload would be really nice.
>
> {
> fault: ComputeFeatureUnsupportedOnInstanceType,
> messsage: "This compute feature is not supported on this kind of
> instance type. If you need this feature please use a different instance
> type. See your cloud provider for options."
> }
>
> That would let us surface more specific errors.
>
> Today.... there is a giant hodgepodge - see:
>
> https://github.com/openstack/tempest-lib/blob/master/tempest_lib/common/rest_client.py#L412-L424
>
> https://github.com/openstack/tempest-lib/blob/master/tempest_lib/common/rest_client.py#L460-L492
>
> Especially blocks like this:
>
> if 'cloudServersFault' in resp_body:
> message =
> resp_body['cloudServersFault']['message']
> elif 'computeFault' in resp_body:
> message = resp_body['computeFault']['message']
> elif 'error' in resp_body:
> message = resp_body['error']['message']
> elif 'message' in resp_body:
> message = resp_body['message']
>
> Standardization here from the API WG would be really great.
>
> -Sean
>
> On 01/29/2015 09:11 AM, Roman Podoliaka wrote:
>> Hi Anne,
>>
>> I think Eugeniya refers to a problem, that we can't really distinguish
>> between two different badRequest (400) errors (e.g. wrong security
>> group name vs wrong key pair name when starting an instance), unless
>> we parse the error description, which might be error prone.
>>
>> Thanks,
>> Roman
>>
>> On Thu, Jan 29, 2015 at 6:46 PM, Anne Gentle
>> <annegentle at justwriteclick.com> wrote:
>>>
>>>
>>> On Thu, Jan 29, 2015 at 10:33 AM, Eugeniya Kudryashova
>>> <ekudryashova at mirantis.com> wrote:
>>>>
>>>> Hi, all
>>>>
>>>>
>>>> Openstack APIs interact with each other and external systems partially by
>>>> passing of HTTP errors. The only valuable difference between types of
>>>> exceptions is HTTP-codes, but current codes are generalized, so external
>>>> system can’t distinguish what actually happened.
>>>>
>>>>
>>>> As an example two different failures below differs only by error message:
>>>>
>>>>
>>>> request:
>>>>
>>>> POST /v2/790f5693e97a40d38c4d5bfdc45acb09/servers HTTP/1.1
>>>>
>>>> Host: 192.168.122.195:8774
>>>>
>>>> X-Auth-Project-Id: demo
>>>>
>>>> Accept-Encoding: gzip, deflate, compress
>>>>
>>>> Content-Length: 189
>>>>
>>>> Accept: application/json
>>>>
>>>> User-Agent: python-novaclient
>>>>
>>>> X-Auth-Token: 2cfeb9283d784cfba694f3122ef413bf
>>>>
>>>> Content-Type: application/json
>>>>
>>>>
>>>> {"server": {"name": "demo", "imageRef":
>>>> "171c9d7d-3912-4547-b2a5-ea157eb08622", "key_name": "test", "flavorRef":
>>>> "42", "max_count": 1, "min_count": 1, "security_groups": [{"name": "bar"}]}}
>>>>
>>>> response:
>>>>
>>>> HTTP/1.1 400 Bad Request
>>>>
>>>> Content-Length: 118
>>>>
>>>> Content-Type: application/json; charset=UTF-8
>>>>
>>>> X-Compute-Request-Id: req-a995e1fc-7ea4-4305-a7ae-c569169936c0
>>>>
>>>> Date: Fri, 23 Jan 2015 10:43:33 GMT
>>>>
>>>>
>>>> {"badRequest": {"message": "Security group bar not found for project
>>>> 790f5693e97a40d38c4d5bfdc45acb09.", "code": 400}}
>>>>
>>>>
>>>> and
>>>>
>>>>
>>>> request:
>>>>
>>>> POST /v2/790f5693e97a40d38c4d5bfdc45acb09/servers HTTP/1.1
>>>>
>>>> Host: 192.168.122.195:8774
>>>>
>>>> X-Auth-Project-Id: demo
>>>>
>>>> Accept-Encoding: gzip, deflate, compress
>>>>
>>>> Content-Length: 192
>>>>
>>>> Accept: application/json
>>>>
>>>> User-Agent: python-novaclient
>>>>
>>>> X-Auth-Token: 24c0d30ff76c42e0ae160fa93db8cf71
>>>>
>>>> Content-Type: application/json
>>>>
>>>>
>>>> {"server": {"name": "demo", "imageRef":
>>>> "171c9d7d-3912-4547-b2a5-ea157eb08622", "key_name": "foo", "flavorRef":
>>>> "42", "max_count": 1, "min_count": 1, "security_groups": [{"name":
>>>> "default"}]}}
>>>>
>>>> response:
>>>>
>>>> HTTP/1.1 400 Bad Request
>>>>
>>>> Content-Length: 70
>>>>
>>>> Content-Type: application/json; charset=UTF-8
>>>>
>>>> X-Compute-Request-Id: req-87604089-7071-40a7-a34b-7bc56d0551f5
>>>>
>>>> Date: Fri, 23 Jan 2015 10:39:43 GMT
>>>>
>>>>
>>>> {"badRequest": {"message": "Invalid key_name provided.", "code": 400}}
>>>>
>>>>
>>>> The former specifies an incorrect security group name, and the latter an
>>>> incorrect keypair name. And the problem is, that just looking at the
>>>> response body and HTTP response code an external system can’t understand
>>>> what exactly went wrong. And parsing of error messages here is not the way
>>>> we’d like to solve this problem.
>>>
>>>
>>> For the Compute API v 2 we have the shortened Error Code in the
>>> documentation at
>>> http://developer.openstack.org/api-ref-compute-v2.html#compute_server-addresses
>>>
>>> such as:
>>>
>>> Error response codes
>>> computeFault (400, 500, …), serviceUnavailable (503), badRequest (400),
>>> unauthorized (401), forbidden (403), badMethod (405), overLimit (413),
>>> itemNotFound (404), buildInProgress (409)
>>>
>>> Thanks to a recent update (well, last fall) to our build tool for docs.
>>>
>>> What we don't have is a table in the docs saying "computeFault has this
>>> longer Description" -- is that what you are asking for, for all OpenStack
>>> APIs?
>>>
>>> Tell me more.
>>>
>>> Anne
>>>
>>>
>>>>
>>>>
>>>> Another example for solving this problem is AWS EC2 exception codes [1]
>>>>
>>>>
>>>> So if we have some service based on Openstack projects it would be useful
>>>> to have some concrete error codes(textual or numeric), which could allow to
>>>> define what actually goes wrong and later correctly process obtained
>>>> exception. These codes should be predefined for each exception, have
>>>> documented structure and allow to parse exception correctly in each step of
>>>> exception handling.
>>>>
>>>>
>>>> So I’d like to discuss implementing such codes and its usage in openstack
>>>> projects.
>>>>
>>>>
>>>> [1] -
>>>> http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html
>>>>
>>>> __________________________________________________________________________
>>>> OpenStack Development Mailing List (not for usage questions)
>>>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>>
>>>
>>>
>>>
>>> --
>>> Anne Gentle
>>> annegentle at justwriteclick.com
>>>
>>> __________________________________________________________________________
>>> OpenStack Development Mailing List (not for usage questions)
>>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>
>> __________________________________________________________________________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>
>
> --
> Sean Dague
> http://dague.net
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150129/a86064b8/attachment.pgp>
More information about the OpenStack-dev
mailing list