Uploaded image for project: 'Libcloud'
  1. Libcloud
  2. LIBCLOUD-125

Eucalyptus node driver fails to authenticate on OpenNebula with EC2-compatible interface

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.5.0, 0.5.2
    • 0.6.1
    • Compute

    Description

      When connecting to OpenNebula through its EC2 compatible interface (using libcloud Eucalyptus driver) on a non standard port, the user authentication fails.

      Example, with libcloud trunk from git repository:

      $ python
      Python 2.6.6 (r266:84292, Dec 26 2010, 22:31:48)
      [GCC 4.4.5] on linux2
      Type "help", "copyright", "credits" or "license" for more information.
      >>> import libcloud.compute.providers
      >>> import libcloud.compute.types
      >>> Driver=libcloud.compute.providers.get_driver(libcloud.compute.types.Provider.EUCALYPTUS)
      >>> conn = Driver(host="myhost",port=4567,key="oneadmin",secret="mysecret",secure=False,path="/")
      >>> conn.list_images()
      Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/home/sdelamare/.local/lib/python2.6/site-packages/libcloud/compute/drivers/ec2.py", line 470, in list_images
      self.connection.request(self.path, params=params).object
      File "/home/sdelamare/.local/lib/python2.6/site-packages/libcloud/common/base.py", line 493, in request
      connection=self)
      File "/home/sdelamare/.local/lib/python2.6/site-packages/libcloud/common/base.py", line 59, in _init_
      raise Exception(self.parse_error())
      File "/home/sdelamare/.local/lib/python2.6/site-packages/libcloud/compute/drivers/ec2.py", line 183, in parse_error
      raise InvalidCredsError(err_list[-1])
      libcloud.common.types.InvalidCredsError: 'AuthFailure: User not authorized'
      >>>

      This is because libcloud never includes the port number after the hostname in the authentication signature added to HTTP header. The port number should be included if it is non default (!= 80 for HTTP and !=443 for HTTPS). This is the standard behavior for HTTP requests (see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23).

      I am attaching a patch (against git trunk version) that modifies the EC2Connection._get_aws_auth_param() function to address the bug. It solves my problem:

      $ python
      Python 2.6.6 (r266:84292, Dec 26 2010, 22:31:48)
      [GCC 4.4.5] on linux2
      Type "help", "copyright", "credits" or "license" for more information.
      >>> import libcloud.compute.providers
      >>> import libcloud.compute.types
      >>> Driver=libcloud.compute.providers.get_driver(libcloud.compute.types.Provider.EUCALYPTUS)
      >>> conn = Driver(host="myhost",port=4567,key="oneadmin",secret="mysecret",secure=False,path="/")
      >>> conn.list_images()
      [<NodeImage: id=ami-00000000, name=690c4904283b5120c8b253553543f4c38b21a4a8, driver=Eucalyptus ...>]
      >>>

      Attachments

        1. ec2_sig.patch
          0.7 kB
          Simon Delamare

        Activity

          People

            Unassigned Unassigned
            simon.delamare Simon Delamare
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: