OpenStack Object Storage (swift)

glance backend with swift upload image problem

Asked by Victor Delacroix

I'm trying to use swift as glance backend,when I upload an image:

root@stack0:~# glance add name="Ubuntu 12.04 Server" is_public=true container_format=ovf disk_format=qcow2 < /home/stack/ubuntu-12.04-server-cloudimg-amd64-disk1.img
Uploading image 'Ubuntu 12.04 Server'
=====================================[ 88%] 131.195745M/s, ETA 0h 0m 4sFailed to add image. Got error:
Data supplied was not valid.
Details: 400 Bad Request

The server could not comply with the request since it is either malformed or otherwise incorrect.

 Error uploading image: (SSLError): [Errno 1] _ssl.c:504: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Note: Your image metadata may still be in the registry, but the image's status will likely be 'killed'.
===========================================[100%] 139.445437M/s, ETA 0h 0m 0s

After this,I deleted the "killed" row and upload again,but it goes the same : (
my relevant configs:

glance-api.conf :
default_store = swift
swift_store_auth_version = 2
swift_store_auth_address = 192.168.1.112:5000/v2.0/
swift_store_user = service:swift
swift_store_key = swift
swift_store_container = glance
swift_store_create_container_on_put = True
swift_store_large_object_size = 5120
swift_store_large_object_chunk_size = 200
swift_enable_snet = False

I use keytone as swift authentication service
swiftrc:
export OS_AUTH_TENANT=service
export OS_AUTH_USER=swift
export OS_AUTH_KEY=swift
export OS_AUTH_URL=http://192.168.1.112:5000/v2.0/

and swift works well:

root@stack0:~# swift stat
   Account: AUTH_0aa35caa39fa45928ca4330ffc0dc495
Containers: 1
   Objects: 4
     Bytes: 260412361
Accept-Ranges: bytes
X-Trans-Id: txc5d880971cf0496ba2c84001cd0e81ef

anyone can help me solve this probelm?
Thanks,Delacroix.

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Object Storage (swift) Edit question
Assignee:
No assignee Edit question
Solved by:
Victor Delacroix
Solved:
Last query:
Last reply:
Revision history for this message
Jay Pipes (jaypipes) said : 		#1

You do not have SSL set up correctly on your Swift proxy server. Thus, the error about SSL in the return from Glance...

Revision history for this message
Victor Delacroix (unmask429) said : 		#2

Thanks Jay Pipes,you mentioned that my swift proxy server have some problem with SSL, which package should I set up again below..?

ssl-cert-check - proactively handling X.509 certificate expiration
ssldump - An SSLv3/TLS network protocol analyzer
sslh - ssl/ssh multiplexer
sslscan - Fast SSL scanner
sslsniff - SSL/TLS man-in-the-middle attack tool
sslstrip - SSL/TLS man-in-the-middle attack tool

Revision history for this message
Victor Delacroix (unmask429) said : 		#3

this is my proxy-server.conf below

[DEFAULT]
bind_port = 8080
user = swift
swift_dir = /etc/swift

[pipeline:main]
# Order of execution of modules defined below
pipeline = catch_errors healthcheck cache authtoken keystone proxy-server

[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
set log_name = swift-proxy
set log_facility = LOG_LOCAL0
set log_level = INFO
set access_log_name = swift-proxy
set access_log_facility = SYSLOG
set access_log_level = INFO
set log_headers = True
account_autocreate = True

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:cache]
use = egg:swift#memcache
set log_name = cache

[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_protocol = http
auth_host = 127.0.0.1
auth_port = 35357
auth_token = admin
service_protocol = http
service_host = 127.0.0.1
service_port = 5000
admin_token = admin
admin_tenant_name = service
admin_user = swift
admin_password = swift
delay_auth_decision = 0

[filter:keystone]
paste.filter_factory = keystone.middleware.swift_auth:filter_factory
operator_roles = admin, swiftoperator
is_admin = true

Revision history for this message
Victor Delacroix (unmask429) said : 		#4

my swift proxy server is set up on the same server,including nova,glance,keystone,swift.
and the proxy server is the first storage node of swift.

root@stack0:/etc/swift# swift-ring-builder object.builder
object.builder, build version 2
262144 partitions, 2 replicas, 2 zones, 2 devices, 0.00 balance
The minimum number of hours before a partition can be reassigned is 1
Devices: id zone ip address port name weight partitions balance meta
             0 1 192.168.1.112 6010 sdb1 100.00 262144 0.00
             1 2 192.168.1.113 6010 device 100.00 262144 0.00

##192.168.1.112 nova,glance,keystone,swift all in one.

Revision history for this message
gholt (gholt) said : 		#5

I'm not sure if SSL is required by Glance or something, or maybe Jay just saw the SSL error and punted. :)

But, if you want to use the Swift EXPERIMENTAL SSL support, the key config values are:

# Set the following two lines to enable SSL. This is for testing only.
# cert_file = /etc/swift/proxy.crt
# key_file = /etc/swift/proxy.key

You can see these in proxy-server.conf-sample included with Swift.

If you want "real" SSL, it is recommended you have an SSL terminator in front of Swift. In a production environment, you'd usually have an SSL load balancer set up in front of Swift proxy servers.

But the above dev SSL works for, well, dev work.

Revision history for this message
Victor Delacroix (unmask429) said : 		#6

Thanks gholt.
I made a stupid mistake:

swift_store_auth_address = 192.168.1.112:5000/v2.0/
##missing "http://"
so I changed it to
swift_store_auth_address = http://192.168.1.112:5000/v2.0/

then,another problem comes out

oot@stack0:~# glance add name=”Ubuntu 12.04 Server” is_public=true container_format=ovf disk_format=qcow2 < /home/stack/ubuntu-12.04-server-cloudimg-amd64-disk1.img
Uploading image 'Ubuntu 12.04 Server'
==================================================================================================================================================[100%] 11.0M/s, ETA 0h 0m 0s
Failed to add image. Got error:
Data supplied was not valid.
Details: 400 Bad Request

The server could not comply with the request since it is either malformed or otherwise incorrect.

Error uploading image: (BackendException): Failed to add object to Swift. Got error from Swift: put_object('glance', '844a9420-0b02-4895-8ceb-012d41cc2a21', …) failure and no ability to reset contents for reupload.
Note: Your image metadata may still be in the registry, but the image's status will likely be 'killed'

##I have tested that,when I put a 400MB object into swift with openstack-dashboard,it works.

Revision history for this message
gholt (gholt) said : 		#7

Hmm, there isn't quite enough information there to determine what's wrong. You may have to check the log (/var/log/syslog or wherever your system stores them) and see if something pops out there. Mostly, figuring out the reason for the 400 Bad Request.

Revision history for this message
Victor Delacroix (unmask429) said : 		#8

Thanks gholt,I've decided to reinstall openstack.
Maybe I missed some important details..