You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@whirr.apache.org by "Andrei Savu (JIRA)" <ji...@apache.org> on 2011/05/27 11:51:47 UTC
[jira] [Commented] (WHIRR-249) Firewall authorization should be
idempotent
[ https://issues.apache.org/jira/browse/WHIRR-249?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13040155#comment-13040155 ]
Andrei Savu commented on WHIRR-249:
-----------------------------------
I've also discovered a bug in jclouds. If I specify an empty description when creating a new security group the call signature is wrong.
For the following call:
{code}
ec2Client.getSecurityGroupServices()
.createSecurityGroupInRegion(REGION, groupName, "");
{code}
I get this exception:
{noformat}
-------------------------------------------------------------------------------
Test set: org.apache.whirr.service.jclouds.integration.FirewallSettingsTest
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 4.905 sec <<< FAILURE!
testFirewallAuthorizationIsIdempotent(org.apache.whirr.service.jclouds.integration.FirewallSettingsTest) Time elapsed: 1.035 sec <<< ERROR!
org.jclouds.rest.AuthorizationException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
at org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.refineException(ParseAWSErrorFromXmlContent.java:114)
at org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:85)
at org.jclouds.http.handlers.DelegatingErrorHandler.handleError(DelegatingErrorHandler.java:69)
at org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.shouldContinue(BaseHttpCommandExecutorService.java:200)
at org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:165)
at org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:134)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.jclouds.http.HttpResponseException: command: POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 failed with response: HTTP/1.1 403 Forbidden; content: [The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.]
at org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:74)
... 9 more
{noformat}
> Firewall authorization should be idempotent
> -------------------------------------------
>
> Key: WHIRR-249
> URL: https://issues.apache.org/jira/browse/WHIRR-249
> Project: Whirr
> Issue Type: Bug
> Reporter: Tom White
> Fix For: 0.6.0
>
> Attachments: WHIRR-249.patch
>
>
> Sometimes firewall rules are left over from a previous cluster that wasn't shut down properly, leading to cluster launch failure. This can be fixed by making FirewallSettings.authorizeIngress idempotent.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira