[Openstack-operators] Ubuntu Kernel with Meltdown mitigation SSL issues

Sam Morrison sorrison at gmail.com
Thu Jan 18 03:36:45 UTC 2018


Hi All,

We updated our control infrastructure to the latest Ubuntu Xenial Kernel (4.4.0-109) which includes the meltdown fixes.

We have found this kernel to have issues with SSL connections with python and have since downgraded. We get errors like:

SSLError: SSL exception connecting to https://keystone.example.com:35357/v3/auth/tokens: ("bad handshake: Error([('', 'osrandom_rand_bytes', 'getrandom() initialization failed.')],)”,)

Full trace:  http://paste.openstack.org/show/646803/

This was affecting glance mainly but all API services were having issues.

Our controllers are running inside KVM VMs and the guests see the CPU as "Intel Xeon E3-12xx v2 (Ivy Bridge)”

This isn’t an openstack issue specifically but hopefully it helps others who may be seeing similar issues.


Cheers,
Sam






More information about the OpenStack-operators mailing list