> This is a reasonable addition to me to quickly clean things up when I know
> what I'm doing, but I'm hitting an authorization issue:
>
> Traceback (most recent call last):
> File "./leon.py", line 92, in <module>
> leon.clean_spurious_security_groups()
> File "./leon.py", line 73, in clean_spurious_security_groups
> groups = self.nova.security_groups.list()
> File "/tmp/venv/local/lib/python2.7/site-packages/python_novaclient-2.15.0-p
> y2.7.egg/novaclient/v1_1/security_groups.py", line 96, in list
> 'security_groups')
> --snip a bunch of novaclient code--
> File "/tmp/venv/local/lib/python2.7/site-
> packages/python_novaclient-2.15.0-py2.7.egg/novaclient/client.py", line 189,
> in request
> raise exceptions.from_response(resp, body, url, method)
> novaclient.exceptions.Unauthorized: The request you have made requires
> authentication. (HTTP 401)
>
>
> I have a unit_config file with the auth* and juju_env parameters defined. I
> can also manually run "nova secgroup-list" and view my security groups. Do I
> need to have some authorization enabled on my account?
Not that I know of, but your use case is killing Leon for sure, the slight protection excuse doesn't hold anymore for people that have multiple deployments in flight. We would need a far more precise behavior for that.
Additionally, since Chris validated firewall-mode, cleaning the secgroups is not an issue anymore.
If we decide to revert firewall-mode usage later, we may discover that juju[-deployer] has been fixed.
Finally, I realized that I got my movie reference wrong, I was thinking about Victor in Nikita (but Jean Reno plays the same kind of guy which confused me ;)
> This is a reasonable addition to me to quickly clean things up when I know spurious_ security_ groups( ) security_ groups security_ groups. list() local/lib/ python2. 7/site- packages/ python_ novaclient- 2.15.0- p novaclient/ v1_1/security_ groups. py", line 96, in list local/lib/ python2. 7/site- python_ novaclient- 2.15.0- py2.7.egg/ novaclient/ client. py", line 189, from_response( resp, body, url, method) exceptions. Unauthorized: The request you have made requires
> what I'm doing, but I'm hitting an authorization issue:
>
> Traceback (most recent call last):
> File "./leon.py", line 92, in <module>
> leon.clean_
> File "./leon.py", line 73, in clean_spurious_
> groups = self.nova.
> File "/tmp/venv/
> y2.7.egg/
> 'security_groups')
> --snip a bunch of novaclient code--
> File "/tmp/venv/
> packages/
> in request
> raise exceptions.
> novaclient.
> authentication. (HTTP 401)
>
>
> I have a unit_config file with the auth* and juju_env parameters defined. I
> can also manually run "nova secgroup-list" and view my security groups. Do I
> need to have some authorization enabled on my account?
Not that I know of, but your use case is killing Leon for sure, the slight protection excuse doesn't hold anymore for people that have multiple deployments in flight. We would need a far more precise behavior for that.
Additionally, since Chris validated firewall-mode, cleaning the secgroups is not an issue anymore.
If we decide to revert firewall-mode usage later, we may discover that juju[-deployer] has been fixed.
Finally, I realized that I got my movie reference wrong, I was thinking about Victor in Nikita (but Jean Reno plays the same kind of guy which confused me ;)