Projects dropdown fails due to incomplete Keystone endpoint URL
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
django-openstack-auth |
Fix Released
|
Undecided
|
Johannes Grassler |
Bug Description
Problem Description
===================
The 'Projects' dropdown in our Horizon dashboard (the one on the top
left) is empty since we switched to Openstack Kilo. We investigated the
issue and found the following error message in horizon.log:
Authorization
[You will find a full stack trace in stacktrace.txt in the attached
tarball.]
Further investigation (see keystone.pcap in the attached tarball for a
packet trace) revealed that horizon is trying to access
http://
http://
worked around by appending missing versioning information in backend.py
(see below), but it should be possible to fix this in a cleaner manner.
Environment
===========
We are running Openstack Kilo with the Ubuntu Cloud packages, some of
them modified locally with backported bugfixes. You will find these
packages at https:/
In particular, we are running the following Horizon package:
https:/
Configuration
=============
You will find our full Horizon configuration in local_settings.py in the
attached tarball. Relevant points:
* OPENSTACK_
* OPENSTACK_
* The identity endpoints as reported by Keystone itself do not contain
versioning information (the way it is supposed to be as of Kilo).
Steps to reproduce
==================
* Run Horizon/Kilo (with the Ubuntu Cloud packages or our modified
packages; both should exhibit this problem)
* Configure the end points and OPENSTACK_
"Configuration"
* Log into the web interface.
This should yield an empty Projects dropdown list and the stacktrace in
stacktrace.txt in /var/log/
Workaround
==========
I modified /usr/lib/
append versioning information to the endpoint URL if it is missing. This
can be used to work around the problem in a pinch, but I do not consider
it a clean fix.
Files
=====
I attached a couple of files to illustrate the problem (you will find
all of these in horizon-
backend.py The modified backend.py described under "Workaround"
endpoints.txt A list of identity endpoints as reported by Keystone
keystone.pcap A packet capture of Horizon's interactions with
local_settings.py Our Horizon configuration
stacktrace.txt The stack trace that appears in
Changed in horizon: | |
assignee: | nobody → Johannes Grassler (jgr-launchpad) |
status: | New → In Progress |
Changed in django-openstack-auth: | |
assignee: | nobody → Johannes Grassler (jgr-launchpad) |
status: | New → In Progress |
Changed in django-openstack-auth: | |
milestone: | none → 2.1.1 |
no longer affects: | horizon |
We figured out that this line is the problem:
https:/ /github. com/openstack/ django_ openstack_ auth/blob/ stable/ kilo/openstack_ auth/backend. py#L183
It is unchanged from Juno, which means it breaks in the versionless endpoint environment introduced with Kilo. I hacked up a slightly better fix than the workaround up there, but I'm unsure where/how to submit it for review (since it is a change to django_ openstack_ auth and not to horizon proper).