[Openstack-operators] [horizon] Odd behavior with image upload in Queens

Jonathan Mills jonmills at gmail.com
Tue Sep 25 14:23:32 UTC 2018 

Hello all, I am troubleshooting an odd behavior in Horizon in Queens on
CentOS 7.5 (RDO packages). When I upload images via Horizon, they fail to
become associated with the tenant of the user who uploaded them.  Instead,
they appear only as 'Image from Other Project'.  It can be fixed if you
manually run "openstack image set --project=whatever someimage", but to
users looking at the dashboard, it looks like an error.

Uploading images via the glance client does not result in this problem, so
I'm working from the assumption that the problem lies within the Horizon
config.

Moreover, these are small images (like Cirros) -- it isn't that the upload
is failing due to size or anything; horizon is doing something odd while
registering it.

The only clues I've found are these messages in my horizon error logs:

[Tue Sep 25 14:06:21.147196 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [compute_extension:aggregates] does not exist
[Tue Sep 25 14:06:21.148665 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [default] does not exist
[Tue Sep 25 14:06:21.178761 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [admin_and_matching_domain_id] does not exist
[Tue Sep 25 14:06:21.180502 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [default] does not exist
[Tue Sep 25 14:06:21.184129 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [admin_and_matching_domain_id] does not exist
[Tue Sep 25 14:06:21.185885 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [default] does not exist
[Tue Sep 25 14:06:21.189637 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [admin_and_matching_domain_id] does not exist
[Tue Sep 25 14:06:21.191408 2018] [:error] [pid 23679]
DEBUG:oslo_policy.policy:Rule [default] does not exist

I've been trying to understand if this is somehow an oslo_policy problem.
The keystone service now has a policy.json file that only contains "{}",
because of policy in code, etc.  But horizon still has a legacy
keystone_policy.json file.  Is that a mismatch?

Google searches have not turned up much, so I'd be very appreciative if
anyone has seen something like this before...

Cheers,
Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20180925/3e6db95c/attachment.html>

More information about the OpenStack-operators mailing list