Hello,
I recently mainly analyzed the log information of the command and the script code related to the http status code. Currently, I have not found a place to set the status code.In the course of the investigation, there are several speculations.
1.code return value 200 indicates that the server and the client are successfully connected, and successfully received the POST request, and has not performed the related operations of the certificate installation, so it returns 200.
2.The format of the command "system --debug certificate-install -m dummy mykey.pem" is correct. The parameter mode is set incorrectly (dummy). The http server does not recognize the error.
3.http status code is a standard numeric code common to HTTP. In openstack, the corresponding code return value judgment processing, whether it may have been encapsulated, is directly obtained through system functions during use.
The following are two cases (mode=default) that I debug this command, for reference only.
case1:
[sysadmin@controller-0 ~(keystone_admin)]$ system --debug certificate-install mykey.pem
DEBUG (base:187) Making authentication request to http://192.178.204.2:5000/v3/auth/tokens
DEBUG (connectionpool:207) Starting new HTTP connection (1): 192.178.204.2
DEBUG (connectionpool:395) http://192.178.204.2:5000 "POST /v3/auth/tokens HTTP/1.1" 201 4540
.......
DEBUG (connectionpool:207) Starting new HTTP connection (1): 192.178.204.2
DEBUG (connectionpool:395) http://192.178.204.2:6385 "POST /v1/certificate/certificate_install HTTP/1.1" 200 82
Certificate mykey.pem not installed: No certificates have been added, https is not enabled.
case2:
[sysadmin@controller-0 ~(keystone_admin)]$ system modify --https_enabled=True
[sysadmin@controller-0 ~(keystone_admin)]$ system --debug certificate-install mykey.pem
DEBUG (base:187) Making authentication request to http://192.178.204.2:5000/v3/auth/tokens
DEBUG (connectionpool:207) Starting new HTTP connection (1): 192.178.204.2
DEBUG (connectionpool:395) http://192.178.204.2:5000 "POST /v3/auth/tokens HTTP/1.1" 201 4540
......
DEBUG (connectionpool:207) Starting new HTTP connection (1): 192.178.204.2
DEBUG (connectionpool:395) http://192.178.204.2:6385 "POST /v1/certificate/certificate_install HTTP/1.1" 500 0
Certificate mykey.pem not installed: Expecting value: line 1 column 1 (char 0)
According to the code "/usr/lib64/python2.7/site-packages/sysinv/api/controllers/v1/certificate.py", the parameter mode in the command is defined as follows:
default: install certificate for ssl
tpm_mode: install certificate to tpm devices for ssl docker_registry: install certificate for docker registry
openstack: install certificate for openstack openstack_ca: install ca certificate for openstack
Hello,
I recently mainly analyzed the log information of the command and the script code related to the http status code. Currently, I have not found a place to set the status code.In the course of the investigation, there are several speculations.
1.code return value 200 indicates that the server and the client are successfully connected, and successfully received the POST request, and has not performed the related operations of the certificate installation, so it returns 200.
2.The format of the command "system --debug certificate-install -m dummy mykey.pem" is correct. The parameter mode is set incorrectly (dummy). The http server does not recognize the error.
3.http status code is a standard numeric code common to HTTP. In openstack, the corresponding code return value judgment processing, whether it may have been encapsulated, is directly obtained through system functions during use.
The following are two cases (mode=default) that I debug this command, for reference only. sysadmin@ controller- 0 ~(keystone_admin)]$ system --debug certificate-install mykey.pem 192.178. 204.2:5000/ v3/auth/ tokens :207) Starting new HTTP connection (1): 192.178.204.2 :395) http:// 192.178. 204.2:5000 "POST /v3/auth/tokens HTTP/1.1" 201 4540 :207) Starting new HTTP connection (1): 192.178.204.2 :395) http:// 192.178. 204.2:6385 "POST /v1/certificate /certificate_ install HTTP/1.1" 200 82
case1:
[
DEBUG (base:187) Making authentication request to http://
DEBUG (connectionpool
DEBUG (connectionpool
.......
DEBUG (connectionpool
DEBUG (connectionpool
Certificate mykey.pem not installed: No certificates have been added, https is not enabled.
case2: sysadmin@ controller- 0 ~(keystone_admin)]$ system modify --https_ enabled= True sysadmin@ controller- 0 ~(keystone_admin)]$ system --debug certificate-install mykey.pem 192.178. 204.2:5000/ v3/auth/ tokens :207) Starting new HTTP connection (1): 192.178.204.2 :395) http:// 192.178. 204.2:5000 "POST /v3/auth/tokens HTTP/1.1" 201 4540 :207) Starting new HTTP connection (1): 192.178.204.2 :395) http:// 192.178. 204.2:6385 "POST /v1/certificate /certificate_ install HTTP/1.1" 500 0
[
[
DEBUG (base:187) Making authentication request to http://
DEBUG (connectionpool
DEBUG (connectionpool
......
DEBUG (connectionpool
DEBUG (connectionpool
Certificate mykey.pem not installed: Expecting value: line 1 column 1 (char 0)
The error in case 2 above (code=500) may be because HTTPS does not currently support container configuration, see https:/ /wiki.openstack .org/wiki/ StarlingX/ Containers/ Limitations.
According to the code "/usr/lib64/ python2. 7/site- packages/ sysinv/ api/controllers /v1/certificate .py", the parameter mode in the command is defined as follows:
docker_ registry: install certificate for docker registry
openstack_ ca: install ca certificate for openstack
default: install certificate for ssl
tpm_mode: install certificate to tpm devices for ssl
openstack: install certificate for openstack
If you have good suggestions, welcome to share.