Sam Morrison wrote: > We updated our control infrastructure to the latest Ubuntu Xenial Kernel > (4.4.0-109) which includes the meltdown fixes. > > We have found this kernel to have issues with SSL connections with python and > have since downgraded. We get errors like: > > SSLError: SSL exception connecting to > https://keystone.example.com:35357/v3/auth/tokens: ("bad handshake: > Error([('', 'osrandom_rand_bytes', 'getrandom() initialization failed.')],)”,) > > Full trace: http://paste.openstack.org/show/646803/ > > This was affecting glance mainly but all API services were having issues. > > Our controllers are running inside KVM VMs and the guests see the CPU as > "Intel Xeon E3-12xx v2 (Ivy Bridge)” > > This isn’t an openstack issue specifically but hopefully it helps others who > may be seeing similar issues.
Thanks Sam for sharing! If you can clearly narrow it down to a specific update (kernel or microcode), can you make sure the bug is reported back to Ubuntu ? Distros are struggling with the stability of the Meltdown/Spectre workarounds (especially the opaque CPU microcode updates) and can probably use any information we can provide to them. -- Thierry Carrez (ttx) _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
