[Yahoo-eng-team] [Bug 1731980] Re: Redirect to login after Authentication completed. without explanation

2018-07-13 Thread Christian Zunker 
We have the same problem with pike.
The first logins get redirected to the login page, although the logs say login 
was successful:
[Fri Jul 13 06:21:54.054265 2018] [wsgi:error] [pid 8324:tid 140488754718464] 
DEBUG:keystoneauth.session:GET call to identity for 
https://internal.:5000/v3/users/7304c7bddd624e928efc7984ff4585
cf/projects used request id req-4689361a-16bc-451a-9b7c-c7b446730f86
[Fri Jul 13 06:21:54.054786 2018] [wsgi:error] [pid 8324:tid 140488754718464] 
DEBUG:keystoneauth.identity.v3.base:Making authentication request to 
https://internal.:5000/v3/auth/tokens
[Fri Jul 13 06:21:54.090009 2018] [wsgi:error] [pid 8324:tid 140488754718464] 
DEBUG:urllib3.connectionpool:https://internal.:5000 "POST 
/v3/auth/tokens HTTP/1.1" 201 11353
[Fri Jul 13 06:21:54.091301 2018] [wsgi:error] [pid 8324:tid 140488754718464] 
DEBUG:keystoneauth.identity.v3.base:{"token": ...
[Fri Jul 13 06:21:54.097652 2018] [wsgi:error] [pid 8324:tid 140488754718464] 
Login successful for user "christian.zunker", remote address 172.20.2.125.
[Fri Jul 13 06:21:54.247158 2018] [wsgi:info] [pid 8330:tid 140488754718464] 
[remote 172.20.2.125:25117] mod_wsgi (pid=8330, process='horizon', 
application=''): Loading WSGI script 
'/openstack/venvs/horizon-16.0.8/lib/python2.7/dist-packages/openstack_dashboard/wsgi/django.wsgi'.


This is an openstack-ansible installation. I tried the SESSION_ENGINE with 
three different settings:
- memcached only (3 servers)
- DB only (Galera cluster)
- cached_db
All three settings have the same problem.

This is the context I'm calling: /auth/login/?next=/identity/
Taking a look at the requests:
POST /auth/login/ => HTTP 302
GET /identity/ => HTTP 302
GET /auth/login/?next=/identity/ => HTTP 200
And this repeats. After three lognis, I get:
You do not have permission to access the resource: /identity/
Login in again, it works (sometimes it needs a second time here):
POST /auth/login/ => HTTP 302
GET /identity/ => HTTP 200

access log:
172.20.2.125 - - [13/Jul/2018:06:38:45 +] "GET /identity/ HTTP/1.1" 302 
3844 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 
Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:38:48 +] "GET /auth/login/?next=/identity/ 
HTTP/1.1" 200 3920 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) 
Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:00 +] "POST /auth/login/ HTTP/1.1" 302 
1059 "https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:02 +] "GET /identity/ HTTP/1.1" 302 364 
"https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; Ubuntu; 
Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:05 +] "GET /auth/login/?next=/identity/ 
HTTP/1.1" 200 3921 "https://172.20.243.234/auth/login/?next=/identity/; 
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:15 +] "POST /auth/login/ HTTP/1.1" 302 
906 "https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:18 +] "GET /identity/ HTTP/1.1" 302 364 
"https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; Ubuntu; 
Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:20 +] "GET /auth/login/?next=/identity/ 
HTTP/1.1" 200 3918 "https://172.20.243.234/auth/login/?next=/identity/; 
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:29 +] "POST /auth/login/ HTTP/1.1" 302 
906 "https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:32 +] "GET /identity/ HTTP/1.1" 302 364 
"https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; Ubuntu; 
Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:35 +] "GET /auth/login/?next=/identity/ 
HTTP/1.1" 200 4184 "https://172.20.243.234/auth/login/?next=/identity/; 
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:43 +] "POST /auth/login/ HTTP/1.1" 302 
1059 "https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:44 +] "GET /identity/ HTTP/1.1" 302 364 
"https://172.20.243.234/auth/login/?next=/identity/; "Mozilla/5.0 (X11; Ubuntu; 
Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125 - - [13/Jul/2018:06:39:47 +] "GET /auth/login/?next=/identity/ 
HTTP/1.1" 200 4184 "https://172.20.243.234/auth/login/?next=/identity/; 
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0"
172.20.2.125

[Yahoo-eng-team] [Bug 1569827] [NEW] LBaaS agent floods log when stats socket is not found

2016-04-13 Thread Christian Zunker 
Public bug reported:

The LBaaS agent creates a lot of log messages, when a new lb-pool is
created.

As soon as I create a lb-pool:
neutron lb-pool-create --lb-method ROUND_ROBIN --name log-test-lb --protocol 
TCP --subnet-id a6ce9a77-53ca-4704-aaf4-fc255cc5fa74
The log file /var/log/neutron/neutron-lbaas-agent.log starts to fill up with 
messages like these:
2016-04-13 12:56:08.922 15373 WARNING 
neutron.services.loadbalancer.drivers.haproxy.namespace_driver [-] Stats socket 
not found for pool 37cbf817-f1ac-4d47-9a04-93c911d0afdd

The message is correct, as the file /var/lib/neutron/lbaas/37cbf817
-f1ac-4d47-9a04-93c911d0afdd/sock is not present. But the message
repeats every 10s.

The messages stop as soon as the lb-pool gets a VIP. At this step the
file /var/lib/neutron/lbaas/37cbf817-f1ac-4d47-9a04-93c911d0afdd/sock is
present. I would expect the lbaas agent to verify the sock file could
really be present before issuing the message.

Version:
Openstack Juno  on SLES 11 SP3.
The package version of openstack-neutron-lbaas-agent is 2014.2.2.dev26-0.11.2

** Affects: neutron
 Importance: Undecided
 Status: New


** Tags: lbaas

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1569827

Title:
  LBaaS agent floods log when stats socket is not found

Status in neutron:
  New

Bug description:
  The LBaaS agent creates a lot of log messages, when a new lb-pool is
  created.

  As soon as I create a lb-pool:
  neutron lb-pool-create --lb-method ROUND_ROBIN --name log-test-lb --protocol 
TCP --subnet-id a6ce9a77-53ca-4704-aaf4-fc255cc5fa74
  The log file /var/log/neutron/neutron-lbaas-agent.log starts to fill up with 
messages like these:
  2016-04-13 12:56:08.922 15373 WARNING 
neutron.services.loadbalancer.drivers.haproxy.namespace_driver [-] Stats socket 
not found for pool 37cbf817-f1ac-4d47-9a04-93c911d0afdd

  The message is correct, as the file /var/lib/neutron/lbaas/37cbf817
  -f1ac-4d47-9a04-93c911d0afdd/sock is not present. But the message
  repeats every 10s.

  The messages stop as soon as the lb-pool gets a VIP. At this step the
  file /var/lib/neutron/lbaas/37cbf817-f1ac-4d47-9a04-93c911d0afdd/sock
  is present. I would expect the lbaas agent to verify the sock file
  could really be present before issuing the message.

  Version:
  Openstack Juno  on SLES 11 SP3.
  The package version of openstack-neutron-lbaas-agent is 2014.2.2.dev26-0.11.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1569827/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp