Mirantis OpenStack

Cinder list with pagination contains wrong scheme for "next" link in case of SSL endpoints

Bug #1569355 reported by Dmitry Kalashnik
22
This bug affects 6 people
Affects Status Importance Assigned to Milestone
Mirantis OpenStack
Status tracked in 10.0.x
10.0.x
Fix Committed
Medium
Yuriy Nesenenko
Mirantis OpenStack 10.0
7.0.x
Fix Released
Medium
Denis Puchkin
Mirantis OpenStack 7.0-mu-4
8.0.x
Fix Released
Medium
Denis Puchkin
Mirantis OpenStack 8.0-mu-2
9.x
Fix Released
High
Yuriy Nesenenko
Mirantis OpenStack 9.0

Bug Description

Detailed bug description:
we have an environment where we have endpoints for our services SSL based(https), listening behind nginx. Now, most tests have been passing fine without any issue , however except the "tempest.api.volume.v2.test_volumes_list" both fail with same error:

Traceback (most recent call last):
  File "tempest/api/volume/v2/test_volumes_list.py", line 194, in test_volume_list_pagination
    self._test_pagination('volumes', ids=self.volume_id_list, detail=False)
  File "tempest/api/volume/v2/test_volumes_list.py", line 159, in _test_pagination
    response.response['content-location'])
  File "/var/lib/jenkins/workspace/tempest_cloud_compute/tempest-repo/tempest/.venv/lib/python2.7/site-packages/testtools/testcase.py", line 350, in assertEqual
    self.assertThat(observed, matcher, message)
  File "/var/lib/jenkins/workspace/tempest_cloud_compute/tempest-repo/tempest/.venv/lib/python2.7/site-packages/testtools/testcase.py", line 435, in assertThat
    raise mismatch_error
testtools.matchers._impl.MismatchError: !=:
reference = 'http://10.240.134.183:8776/v2/d4e4e6b55d3c4e148c104a62b0a411fc/volumes?limit=1&marker=4587a513-ecbd-4f95-b9d4-40c71da0a78a'
actual = 'https://10.240.134.183:8776/v2/d4e4e6b55d3c4e148c104a62b0a411fc/volumes?limit=1&marker=4587a513-ecbd-4f95-b9d4-40c71da0a78a'
here the only minute difference is of http and https.

A better debug with output is shown below where i print them in the code where response and body are received :

response:
 {'status': '200', 'content-length': '552', 'content-location': 'https://10.240.134.187:8776/v2/519c6279ba3e41a197753c8fdf469dde/volumes?limit=1&marker=46704315-e7f8-4170-8e98-3d6cec91d2d0', 'x-compute-request-id': 'req-f1404f84-9025-47fa-93fc-54889dd5e87b', 'server': 'nginx/1.8.0', 'connection': 'close', 'date': 'Fri, 08 Jan 2016 00:29:16 GMT', 'content-type': 'application/json', 'x-openstack-request-id': 'req-f1404f84-9025-47fa-93fc-54889dd5e87b'}

Body:
 {u'volumes_links': [{u'href': u'http://10.240.134.187:8776/v2/519c6279ba3e41a197753c8fdf469dde/volumes?limit=1&marker=e5cbd1ce-fc08-4bb6-82e3-badc875854fd', u'rel': u'next'}], u'volumes': [{u'id': u'e5cbd1ce-fc08-4bb6-82e3-badc875854fd', u'links': [{u'href': u'http://10.240.134.187:8776/v2/519c6279ba3e41a197753c8fdf469dde/volumes/e5cbd1ce-fc08-4bb6-82e3-badc875854fd', u'rel': u'self'}, {u'href': u'http://10.240.134.187:8776/519c6279ba3e41a197753c8fdf469dde/volumes/e5cbd1ce-fc08-4bb6-82e3-badc875854fd', u'rel': u'bookmark'}], u'name': u'tempest-Volume-1123740716'}]}

In above output, you can clearly see http and https in both fields.

Steps to reproduce:
to reproduce, its simple, to have https based environment, and see if this test makes through.

Expected results:
href field contains link with https

Actual result:
href field contains link with http

Reproducibility:
Every time

Related bugs:
https://bugs.launchpad.net/tempest/+bug/1532116
https://bugs.launchpad.net/cinder/+bug/1558683

Dmitry Kalashnik (dkalashnik)
Changed in mos:
milestone: 10.0 → 7.0-updates
Anton Matveev (amatveev)
tags: added: customer-found sla2
Ivan Kolodyazhny (e0ne)
Changed in mos:
assignee: MOS Cinder (mos-cinder) → Yuriy Nesenenko (ynesenenko)
Revision history for this message
Yuriy Nesenenko (ynesenenko) wrote :

The bug was reproduced in mitaka-9.0

Changed in mos:
status: New → In Progress
Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix proposed to openstack/cinder (9.0/mitaka)

Fix proposed to branch: 9.0/mitaka
Change author: Yuriy Nesenenko <email address hidden>
Review: https://review.fuel-infra.org/19570

Revision history for this message
Anton Matveev (amatveev) wrote :

adding 9.0 and increasing priority to high there , since it's a customer found issue and should be delivered with MU releases

Ivan Kolodyazhny (e0ne)
tags: added: cinder swarm-blocker
Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix proposed to openstack/cinder (openstack-ci/fuel-7.0/2015.1.0)

Fix proposed to branch: openstack-ci/fuel-7.0/2015.1.0
Change author: Yuriy Nesenenko <email address hidden>
Review: https://review.fuel-infra.org/19595

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix proposed to openstack/cinder (openstack-ci/fuel-8.0/liberty)

Fix proposed to branch: openstack-ci/fuel-8.0/liberty
Change author: Yuriy Nesenenko <email address hidden>
Review: https://review.fuel-infra.org/19709

Revision history for this message
Vitaly Sedelnik (vsedelnik) wrote :

Per email conversation 7.0 fix needs some adjustments in HAProxy config - we need to provide manual instruction and/or appropriate fix to puppet manifests.

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Change abandoned on openstack/cinder (9.0/mitaka)

Change abandoned by Yuriy Nesenenko <email address hidden> on branch: 9.0/mitaka
Review: https://review.fuel-infra.org/19570
Reason: wrong aprouch

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix proposed to openstack/cinder (9.0/mitaka)

Fix proposed to branch: 9.0/mitaka
Change author: Yuriy Nesenenko <email address hidden>
Review: https://review.fuel-infra.org/20056

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix merged to openstack/cinder (9.0/mitaka)

Reviewed: https://review.fuel-infra.org/20056
Submitter: Pkgs Jenkins <email address hidden>
Branch: 9.0/mitaka

Commit: 2ddf86a8fadaf359327a68d3c361db88f696b027
Author: Yuriy Nesenenko <email address hidden>
Date: Mon Apr 25 13:42:14 2016

Handle SSL termination proxies for version list

Cinder list with pagination contains wrong scheme
for 'next' link in case of SSL endpoints. This
patch fixes it and returns the correct scheme in
version URLs if service is behind an SSL termination
proxy.

Change-Id: If5aab9cc25a2e7c66a0bb13b5f7488a667b30309
Closes-Bug: #1569355
Related-Bug: #1490266

Revision history for this message
Denis Puchkin (dpuchkin) wrote :

CR https://review.openstack.org/#/c/318690/ for 7.0 with some ajustment in HAProxy Config

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix merged to openstack/cinder (openstack-ci/fuel-7.0/2015.1.0)

Reviewed: https://review.fuel-infra.org/19595
Submitter: Vitaly Sedelnik <email address hidden>
Branch: openstack-ci/fuel-7.0/2015.1.0

Commit: 1def89d73dde78f3e579e1f30df1df645a91f6cb
Author: Yuriy Nesenenko <email address hidden>
Date: Thu Apr 14 11:12:01 2016

Handle SSL termination proxies for version list

Cinder list with pagination contains wrong scheme
for 'next' link in case of SSL endpoints. This
patch fixes it and returns the correct scheme in
version URLs if service is behind an SSL termination
proxy.

To work properly the patch it should add the line indicated
below into /etc/haproxy/conf.d/070-cinder-api.cfg
"http-request set-header X-Forwarded-Proto https if { ssl_fc }"

Change-Id: If4ad49ea87b8fa7a0fb245eddbc013d01cbc79eb
Closes-Bug: #1569355

Vladimir Jigulin (vjigulin)
tags: added: on-verification
Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Change abandoned on openstack/cinder (openstack-ci/fuel-8.0/liberty)

Change abandoned by Denis Puchkin <email address hidden> on branch: openstack-ci/fuel-8.0/liberty
Review: https://review.fuel-infra.org/19720
Reason: This patch was merged with "Merge the tip of origin/stable/liberty into origin/openstack-ci/fuel-8.0/liberty"

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix proposed to openstack/cinder (openstack-ci/fuel-8.0/liberty)

Fix proposed to branch: openstack-ci/fuel-8.0/liberty
Change author: Yuriy Nesenenko <email address hidden>
Review: https://review.fuel-infra.org/21437

Revision history for this message
Oleksiy Butenko (obutenko) wrote :

cat /etc/fuel_build_id:
 404
cat /etc/fuel_build_number:
 404
cat /etc/fuel_release:
 9.0
cat /etc/fuel_openstack_version:
 mitaka-9.0
rpm -qa | egrep 'fuel|astute|network-checker|nailgun|packetary|shotgun':
 fuel-release-9.0.0-1.mos6347.noarch
 fuel-bootstrap-cli-9.0.0-1.mos283.noarch
 fuel-migrate-9.0.0-1.mos8391.noarch
 rubygem-astute-9.0.0-1.mos746.noarch
 fuel-provisioning-scripts-9.0.0-1.mos8709.noarch
 network-checker-9.0.0-1.mos72.x86_64
 fuel-mirror-9.0.0-1.mos136.noarch
 fuel-openstack-metadata-9.0.0-1.mos8709.noarch
 fuel-notify-9.0.0-1.mos8391.noarch
 nailgun-mcagents-9.0.0-1.mos746.noarch
 python-fuelclient-9.0.0-1.mos316.noarch
 fuelmenu-9.0.0-1.mos270.noarch
 fuel-9.0.0-1.mos6347.noarch
 fuel-utils-9.0.0-1.mos8391.noarch
 fuel-setup-9.0.0-1.mos6347.noarch
 fuel-library9.0-9.0.0-1.mos8391.noarch
 shotgun-9.0.0-1.mos90.noarch
 fuel-agent-9.0.0-1.mos283.noarch
 fuel-ui-9.0.0-1.mos2702.noarch
 fuel-ostf-9.0.0-1.mos934.noarch
 fuel-misc-9.0.0-1.mos8391.noarch
 python-packetary-9.0.0-1.mos136.noarch
 fuel-nailgun-9.0.0-1.mos8709.noarch
[root@nailgun ~]#

Revision history for this message
Владимир (mogaika) wrote :

Verified on MOS 7.0 mu4

tags: removed: on-verification
Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Change abandoned on openstack/cinder (openstack-ci/fuel-8.0/liberty)

Change abandoned by Denis Puchkin <email address hidden> on branch: openstack-ci/fuel-8.0/liberty
Review: https://review.fuel-infra.org/19709
Reason: patch with correct parent https://review.fuel-infra.org/#/c/21437/

Revision history for this message
Fuel Devops McRobotson (fuel-devops-robot) wrote : Fix merged to openstack/cinder (openstack-ci/fuel-8.0/liberty)

Reviewed: https://review.fuel-infra.org/21437
Submitter: Pkgs Jenkins <email address hidden>
Branch: openstack-ci/fuel-8.0/liberty

Commit: 6da93ab6772e4fee3acda5057e0f6d40729747f4
Author: Yuriy Nesenenko <email address hidden>
Date: Tue May 31 14:35:12 2016

Handle SSL termination proxies for version list

Cinder list with pagination contains wrong scheme
for 'next' link in case of SSL endpoints. This
patch fixes it and returns the correct scheme in
version URLs if service is behind an SSL termination
proxy.

Change-Id: I8f4ae92ccf0891024e246115a910e16f796c6ae0
Closes-Bug: #1569355

Dmitry Belyaninov (dbelyaninov)
tags: added: on-verification
Revision history for this message
Dmitry Belyaninov (dbelyaninov) wrote :

According to http://172.18.173.8:8080/jenkins/job/maintenance_tempest_runner/240/testReport/tempest.api.volume.v2.test_volumes_list/VolumesV2ListTestJSON/
all tests are in Passed state (8.0 MU2)

tags: removed: on-verification
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.