corner case in nsx api_client code
Bug #1338846 reported by
Aaron Rosen
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Fix Released
|
Medium
|
Aaron Rosen | ||
Bug Description
There is a corner case that the nsx api_client code does not handle today where the nsx controller can return a 307 in order to redirect the request to another controller. At this point neutron-server issues this request to the redirected controller and usually this works fine. Though in the case that the session cookie has expired we'll issue the request and get a 401 and clear the cookie from the request. Then we'll retry the request and get the same 307 again which will result in a 401 as the session cookie was never renewed.
| description: | updated |
| tags: | added: vmware |
| Changed in neutron: | |
| importance: | Undecided → Low |
| Changed in neutron: | |
| assignee: | nobody → Aaron Rosen (arosen) |
| importance: | Low → High |
| Changed in neutron: | |
| status: | New → In Progress |
| Changed in neutron: | |
| importance: | High → Medium |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to neutron (master) | #1 |
| Changed in neutron: | |
| status: | In Progress → Fix Committed |
| Changed in neutron: | |
| milestone: | none → juno-3 |
| status: | Fix Committed → Fix Released |
| Changed in neutron: | |
| milestone: | juno-3 → 2014.2 |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 0b7a7687309e8c7
Author: Aaron Rosen <email address hidden>
Date: Fri Jul 11 13:56:15 2014 -0700
NSX: Correct default timeout params
Previously, req_timeout and http_timeout were set to the same value
which is not correct. req_timeout is the total time limit for a cluster
request and http_timeout is the time allowed before aborting a request on
an unresponsive controller. Since the default configuration allows 2
retries req_timeout should be double that of http_timeout because of this
this patch goes ahead and removes req_timeout as this should just be
http_timeout * retries.
Because prevouly req_timeout and http_timeout were the same this exposed
a corner case that when the nsx controller returned a 307 we would issue
the request against the redirected controller but in the case where the
session cookie had expire when the request was issued we would get a 401
response back and never retry the request. Now that the default values are
corrected this issue should no longer occur as the next time time we issue
the request we'll fetch a new auth cookie for the redirected controller.
This patch also bumps the timeout values to be higher. We've seen
more and more timeouts occur in our CI system largely because our
cloud is overloaded so increasing the default timeouts will *hopefully*
help reduce test failures.
DocImpact
Closes-bug: 1340969
Closes-bug: 1338846
Change-Id: Id7244cd4d93169