This is a contrail-api issue with the obj-perms API which is used by contrail-analytics-api:

WARNING:keystonemiddleware.auth_token:Use of the auth_admin_prefix, auth_host, auth_port, auth_protocol, identity_uri, admin_token, admin_user, admin_password, and admin_tenant_name configuration options was deprecated in the Mitaka release in favor of an auth_plugin and its related options. This class may be removed in a future release.
WARNING:keystonemiddleware.auth_token:Configuring admin URI using auth fragments was deprecated in the Kilo release, and will be removed in the N release, use 'identity_uri\ instead.
WARNING:keystonemiddleware.auth_token:Configuring auth_uri to point to the public identity endpoint is required; clients may not be able to authenticate against an admin endpoint
WARNING:keystonemiddleware.auth_token:Authorization failed for token
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/bottle.py", line 856, in _handle
    return route.call(**args)
  File "/usr/lib/python2.7/dist-packages/bottle.py", line 1721, in wrapper
    rv = callback(*a, **ka)
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py", line 1618, in handler_trap_exception
    response = handler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py", line 1759, in obj_perms_http_get
    token_info = self._auth_svc.validate_user_token(get_request())
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_auth_keystone.py", line 236, in validate_user_token
    return auth_middleware(request.headers.environ, None)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 130, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 195, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/keystonemiddleware/auth_token/__init__.py", line 467, in __call__
    response = req.get_response(self._app)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1317, in send
    application, catch_exc_info=False)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1284, in call_application
    output.extend(app_iter)
TypeError: 'NoneType' object is not iterable
10.204.217.53 - - [2016-07-20 23:15:11] "GET /obj-perms?token=b81efadaf55e4c14937365eda5df4914 HTTP/1.1" 500 156 0.019420
ERROR:contrail-api:__default__ [SYS_ERR]: VncApiError: <type 'exceptions.TypeError'>
Python 2.7.6: /usr/bin/python
Wed Jul 20 23:15:11 2016

A problem occurred in a Python script.  Here is the sequence of
function calls leading up to the error, in the order they occurred.

 /usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py in handler_trap_exception(*args=(), **kwargs={})
 1616                     (code, err_msg) = status
 1617                     raise cfgm_common.exceptions.HttpError(code, err_msg)
 1618                 response = handler(*args, **kwargs)
 1619                 self._generate_rest_api_response_trace(trace, response)
 1620
response undefined
handler = <bound method VncApiServer.obj_perms_http_get of...i_server.vnc_cfg_api_server.VncApiServer object>>
args = ()
kwargs = {}

/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py in obj_perms_http_get(self=<vnc_cfg_api_server.vnc_cfg_api_server.VncApiServer object>)
 1757                 b_req.url, b_req.urlparts, b_req.environ, b_req.headers, None, None)
 1758             set_context(context.ApiContext(internal_req=i_req))
 1759             token_info = self._auth_svc.validate_user_token(get_request())
 1760         finally:
 1761             set_context(orig_context)
token_info undefined
self = <vnc_cfg_api_server.vnc_cfg_api_server.VncApiServer object>
self._auth_svc = <vnc_cfg_api_server.vnc_auth_keystone.AuthServiceKeystone object>
self._auth_svc.validate_user_token = <bound method AuthServiceKeystone.validate_user_...er.vnc_auth_keystone.AuthServiceKeystone object>>
global get_request = <function get_request>

 /usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_auth_keystone.py in validate_user_token(self=<vnc_cfg_api_server.vnc_auth_keystone.AuthServiceKeystone object>, request=<vnc_cfg_api_server.context.ApiInternalRequest object>)
  234
  235         auth_middleware = auth_token.AuthProtocol(self.token_valid, conf_info)
  236         return auth_middleware(request.headers.environ, None)
  237
  238 # end class AuthService
auth_middleware = <keystonemiddleware.auth_token.AuthProtocol object>
request = <vnc_cfg_api_server.context.ApiInternalRequest object>
request.headers = <bottle.WSGIHeaderDict object>
request.headers.environ = {'HTTP_X_AUTH_TOKEN': u'b81efadaf55e4c14937365eda5df4914', 'HTTP_X_IDENTITY_STATUS': 'Invalid', 'REQUEST_METHOD': 'GET', 'bottle.app': <bottle.Bottle object>, 'bottle.request': <BaseRequest: GET http://127.0.0.1/>, 'bottle.request.headers': <bottle.WSGIHeaderDict object>, 'bottle.request.urlparts': SplitResult(scheme='http', netloc='127.0.0.1', path='/', query=None, fragment=''), 'keystone.token_auth': <keystonemiddleware.auth_token._user_plugin.UserAuthPlugin object>, 'webob.adhoc_attrs': {'response': <_AuthTokenResponse at 0x7ff66af90550 200 OK>}}
builtinNone = None

 /usr/lib/python2.7/dist-packages/webob/dec.py in __call__(self=<wsgify at 140696333388752 wrapping <bound metho...stonemiddleware.auth_token.AuthProtocol object>>>, req=<_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>, *args=(), **kw={})
  128                 if self.middleware_wraps:
  129                     args = (self.middleware_wraps,) + args
  130                 resp = self.call_func(req, *args, **self.kwargs)
  131             except HTTPException as exc:
  132                 resp = exc
resp undefined
self = <wsgify at 140696333388752 wrapping <bound metho...stonemiddleware.auth_token.AuthProtocol object>>>
self.call_func = <bound method wsgify.call_func of <wsgify at 140...tonemiddleware.auth_token.AuthProtocol object>>>>
req = <_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>
args = ()
self.kwargs = {}

 /usr/lib/python2.7/dist-packages/webob/dec.py in call_func(self=<wsgify at 140696333388752 wrapping <bound metho...stonemiddleware.auth_token.AuthProtocol object>>>, req=<_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>, *args=(), **kwargs={})
  193         """Call the wrapped function; override this in a subclass to
  194         change how the function is called."""
  195         return self.func(req, *args, **kwargs)
  196
  197     def clone(self, func=None, **kw):
self = <wsgify at 140696333388752 wrapping <bound metho...stonemiddleware.auth_token.AuthProtocol object>>>
self.func = <bound method AuthProtocol.__call__ of <keystonemiddleware.auth_token.AuthProtocol object>>
req = <_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>
args = ()
kwargs = {}

 /usr/lib/python2.7/dist-packages/keystonemiddleware/auth_token/__init__.py in __call__(self=<keystonemiddleware.auth_token.AuthProtocol object>, req=<_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>)
  465         if response:
  466             return response
  467         response = req.get_response(self._app)
  468         return self.process_response(response)
  469
response = None
req = <_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>
req.get_response = <bound method _AuthTokenRequest.send of <_AuthTo...equest at 0x7ff66af90ed0 (invalid WSGI environ)>>
self = <keystonemiddleware.auth_token.AuthProtocol object>
self._app = <bound method AuthServiceKeystone.token_valid of...er.vnc_auth_keystone.AuthServiceKeystone object>>

 /usr/lib/python2.7/dist-packages/webob/request.py in send(self=<_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>, application=<bound method AuthServiceKeystone.token_valid of...er.vnc_auth_keystone.AuthServiceKeystone object>>, catch_exc_info=False)
 1315         else:
 1316             status, headers, app_iter = self.call_application(
 1317                 application, catch_exc_info=False)
 1318         return self.ResponseClass(
 1319             status=status, headerlist=list(headers), app_iter=app_iter)
application = <bound method AuthServiceKeystone.token_valid of...er.vnc_auth_keystone.AuthServiceKeystone object>>
catch_exc_info = False
builtinFalse = False

 /usr/lib/python2.7/dist-packages/webob/request.py in call_application(self=<_AuthTokenRequest at 0x7ff66af90ed0 (invalid WSGI environ)>, application=<bound method AuthServiceKeystone.token_valid of...er.vnc_auth_keystone.AuthServiceKeystone object>>, catch_exc_info=False)
 1282         if output or not captured:
 1283             try:
 1284                 output.extend(app_iter)
 1285             finally:
 1286                 if hasattr(app_iter, 'close'):
output = []
output.extend = <built-in method extend of list object>
app_iter = None
<type 'exceptions.TypeError'>: 'NoneType' object is not iterable
    __class__ = <type 'exceptions.TypeError'>
    __delattr__ = <method-wrapper '__delattr__' of exceptions.TypeError object>
    __dict__ = {}
    __doc__ = 'Inappropriate argument type.'
    __format__ = <built-in method __format__ of exceptions.TypeError object>
    __getattribute__ = <method-wrapper '__getattribute__' of exceptions.TypeError object>
    __getitem__ = <method-wrapper '__getitem__' of exceptions.TypeError object>
    __getslice__ = <method-wrapper '__getslice__' of exceptions.TypeError object>
    __hash__ = <method-wrapper '__hash__' of exceptions.TypeError object>
    __init__ = <method-wrapper '__init__' of exceptions.TypeError object>
    __new__ = <built-in method __new__ of type object>
    __reduce__ = <built-in method __reduce__ of exceptions.TypeError object>
    __reduce_ex__ = <built-in method __reduce_ex__ of exceptions.TypeError object>
    __repr__ = <method-wrapper '__repr__' of exceptions.TypeError object>
    __setattr__ = <method-wrapper '__setattr__' of exceptions.TypeError object>
    __setstate__ = <built-in method __setstate__ of exceptions.TypeError object>
    __sizeof__ = <built-in method __sizeof__ of exceptions.TypeError object>
    __str__ = <method-wrapper '__str__' of exceptions.TypeError object>
    __subclasshook__ = <built-in method __subclasshook__ of type object>
    __unicode__ = <built-in method __unicode__ of exceptions.TypeError object>
    args = ("'NoneType' object is not iterable",)
    message = "'NoneType' object is not iterable"

The above is a description of an error in a Python program.  Here is
the original traceback:

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py", line 1618, in handler_trap_exception
    response = handler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_cfg_api_server.py", line 1759, in obj_perms_http_get
    token_info = self._auth_svc.validate_user_token(get_request())
  File "/usr/lib/python2.7/dist-packages/vnc_cfg_api_server/vnc_auth_keystone.py", line 236, in validate_user_token
    return auth_middleware(request.headers.environ, None)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 130, in __call__
    resp = self.call_func(req, *args, **self.kwargs)
  File "/usr/lib/python2.7/dist-packages/webob/dec.py", line 195, in call_func
    return self.func(req, *args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/keystonemiddleware/auth_token/__init__.py", line 467, in __call__
    response = req.get_response(self._app)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1317, in send
    application, catch_exc_info=False)
  File "/usr/lib/python2.7/dist-packages/webob/request.py", line 1284, in call_application
    output.extend(app_iter)
TypeError: 'NoneType' object is not iterable