Bug #1795309 “server group quota exeeding makes forced log out” : Bugs : OpenStack Dashboard (Horizon)

ByungYeol Woo (wby1089) on 2018-10-02

summary:

- server group
+ server group quota exeeding makes forced log out

Revision history for this message

Ivan Kolodyazhny (e0ne) wrote on 2018-10-03:

#1

ByungYeol could you please provide horizon and keystone logs?

Changed in horizon:
assignee:	nobody → ByungYeol Woo (wby1089)
status:	New → Incomplete

ByungYeol Woo (wby1089) on 2018-10-05

description:

updated

Revision history for this message

ByungYeol Woo (wby1089) wrote on 2018-10-05:

#2

Download full text (4.0 KiB)

------------
number of instances => number of server groups
------------

I updated bug description. Sorry for my misdescribe.

And please see below logs:

==> keystone/keystone.log <==
2018-10-05 18:07:31.465 26 INFO keystone.common.wsgi [req-168a8c90-5836-41ff-be33-b252ae044aa4 e96731e13ee54b09be13dee595ab1bbe 30bf9d6703d846698ff3883b4be3fb4e - default default] GET http://my.site.com:35357/v3/auth/tokens
2018-10-05 18:07:31.426 21 INFO keystone.common.wsgi [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] POST http://my.site.com:5000/v3/auth/tokens
2018-10-05 18:07:31.434 21 INFO keystone.token.token_formatters [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] Fernet token created with length of 268 characters, which exceeds 255 characters

==> keystone/keystone-apache-public-access.log <==
192.168.0.142 - - [05/Oct/2018:18:07:31 +0900] "GET / HTTP/1.1" 300 274 1954 "-" "python-novaclient keystoneauth1/3.10.0 python-requests/2.19.1 CPython/2.7.15rc1"
192.168.0.142 - - [05/Oct/2018:18:07:31 +0900] "POST /v3/auth/tokens HTTP/1.1" 201 10135 31492 "-" "python-novaclient keystoneauth1/3.10.0 python-requests/2.19.1 CPython/2.7.15rc1"

==> keystone/keystone-apache-admin-error.log <==
2018-10-05 18:07:31.465826 2018-10-05 18:07:31.465 26 INFO keystone.common.wsgi [req-168a8c90-5836-41ff-be33-b252ae044aa4 e96731e13ee54b09be13dee595ab1bbe 30bf9d6703d846698ff3883b4be3fb4e - default default] GET http://my.site.com:35357/v3/auth/tokens\x1b[00m

==> keystone/keystone-apache-admin-access.log <==
192.168.0.141 - - [05/Oct/2018:18:07:31 +0900] "GET /v3/auth/tokens HTTP/1.1" 200 10135 33969 "-" "python-keystoneclient"

==> keystone/keystone-apache-public-error.log <==
2018-10-05 18:07:31.426755 2018-10-05 18:07:31.426 21 INFO keystone.common.wsgi [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] POST http://my.site.com:5000/v3/auth/tokens\x1b[00m
2018-10-05 18:07:31.435090 2018-10-05 18:07:31.434 21 INFO keystone.token.token_formatters [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] Fernet token created with length of 268 characters, which exceeds 255 characters\x1b[00m

==> horizon/horizon-access.log <==
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "POST /api/nova/servergroups/ HTTP/1.1" 403 107 132008 "https://my.site.com/project/server_groups" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"

==> horizon/horizon.log <==
[Fri Oct 05 18:07:31.528938 2018] [wsgi:error] [pid 23:tid 140708460971776] [remote 192.168.0.135:38004] Logging out user "woobee".

==> horizon/horizon-access.log <==
10.126.60.93...

------------
number of instances => number of server groups
------------

I updated bug description. Sorry for my misdescribe.

And please see below logs:

==> keystone/keystone.log <==
2018-10-05 18:07:31.465 26 INFO keystone.common.wsgi [req-168a8c90-5836-41ff-be33-b252ae044aa4 e96731e13ee54b09be13dee595ab1bbe 30bf9d6703d846698ff3883b4be3fb4e - default default] GET http://my.site.com:35357/v3/auth/tokens
2018-10-05 18:07:31.426 21 INFO keystone.common.wsgi [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] POST http://my.site.com:5000/v3/auth/tokens
2018-10-05 18:07:31.434 21 INFO keystone.token.token_formatters [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] Fernet token created with length of 268 characters, which exceeds 255 characters

==> keystone/keystone-apache-public-access.log <==
192.168.0.142 - - [05/Oct/2018:18:07:31 +0900] "GET / HTTP/1.1" 300 274 1954 "-" "python-novaclient keystoneauth1/3.10.0 python-requests/2.19.1 CPython/2.7.15rc1"
192.168.0.142 - - [05/Oct/2018:18:07:31 +0900] "POST /v3/auth/tokens HTTP/1.1" 201 10135 31492 "-" "python-novaclient keystoneauth1/3.10.0 python-requests/2.19.1 CPython/2.7.15rc1"

==> keystone/keystone-apache-admin-error.log <==
2018-10-05 18:07:31.465826 2018-10-05 18:07:31.465 26 INFO keystone.common.wsgi [req-168a8c90-5836-41ff-be33-b252ae044aa4 e96731e13ee54b09be13dee595ab1bbe 30bf9d6703d846698ff3883b4be3fb4e - default default] GET http://my.site.com:35357/v3/auth/tokens\x1b[00m

==> keystone/keystone-apache-admin-access.log <==
192.168.0.141 - - [05/Oct/2018:18:07:31 +0900] "GET /v3/auth/tokens HTTP/1.1" 200 10135 33969 "-" "python-keystoneclient"

==> keystone/keystone-apache-public-error.log <==
2018-10-05 18:07:31.426755 2018-10-05 18:07:31.426 21 INFO keystone.common.wsgi [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] POST http://my.site.com:5000/v3/auth/tokens\x1b[00m
2018-10-05 18:07:31.435090 2018-10-05 18:07:31.434 21 INFO keystone.token.token_formatters [req-dbf6f311-1f79-4a17-97d1-820868fea407 db6e37a160336c47f2b8320475da189af4a1d875ea483b5c2755e86b6e2e9386 b9b3c5b3dcdd4e7d8bdec135bf95fbab - a4ef38a1a3604ab58959ec273950c274 a4ef38a1a3604ab58959ec273950c274] Fernet token created with length of 268 characters, which exceeds 255 characters\x1b[00m

==> horizon/horizon-access.log <==
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "POST /api/nova/servergroups/ HTTP/1.1" 403 107 132008 "https://my.site.com/project/server_groups" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"

==> horizon/horizon.log <==
[Fri Oct 05 18:07:31.528938 2018] [wsgi:error] [pid 23:tid 140708460971776] [remote 192.168.0.135:38004] Logging out user "woobee".

==> horizon/horizon-access.log <==
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "GET /auth/logout/ HTTP/1.1" 302 - 3684 "https://my.site.com/project/server_groups" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "GET /auth/login/ HTTP/1.1" 200 3366 39302 "https://my.site.com/project/server_groups" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "GET /i18n/js/horizon+openstack_dashboard+octavia_dashboard+heat_dashboard/ HTTP/1.1" 200 193415 12633 "https://my.site.com/auth/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
10.126.60.93 - - [05/Oct/2018:18:07:31 +0900] "GET /header/ HTTP/1.1" 200 114 2236 "https://my.site.com/auth/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"

Revision history for this message

ByungYeol Woo (wby1089) wrote on 2018-10-15:

#3

I found simmilar bug report from octavia-dashboard that user will be logout from horizon if create new entity which is met quota.

https://storyboard.openstack.org/#!/story/2003522

Revision history for this message

Akihiro Motoki (amotoki) wrote on 2018-11-25:

#4

I think the original bug description is unclear because only the bug title explain the most important thing. I will update the bug description.

description:

updated

Revision history for this message

Akihiro Motoki (amotoki) wrote on 2018-11-25:

#5

When a server group quota exceeds Nova API returns 403.
I guess 403 is not handled properly.

tipica@s26:~/devstack (master) [OS:demo/demo@s26][08:05:26]$ openstack server group create foo
Quota exceeded, too many server groups. (HTTP 403) (Request-ID: req-3b1c404e-9b53-4f0c-8517-b2a8860acfbb)

Changed in horizon:
assignee:	ByungYeol Woo (wby1089) → nobody
status:	Incomplete → Confirmed
importance:	Undecided → Medium

Akihiro Motoki (amotoki) on 2018-12-25

tags:

added: uncaught-403

Vishal Manchanda (vishalmanchanda) on 2019-06-11

Changed in horizon:
assignee:	nobody → Vishal Manchanda (vishalmanchanda)

Revision history for this message

Vishal Manchanda (vishalmanchanda) wrote on 2019-12-03:

#6

It is already fixed in https://review.opendev.org/#/c/677580/.

Changed in horizon:
status:	Confirmed → Fix Released

OpenStack Dashboard (Horizon)

server group quota exeeding makes forced log out

Bug Description

Other bug subscribers

Remote bug watches