Platform Horizon HTTPS can no longer be enabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Yi Wang |
Bug Description
Brief Description
-----------------
10 Minutes after HTTPS is enabled by "system modify --https_
Severity
--------
Provide the severity of the defect.
Critical
Steps to Reproduce
------------------
- Install a two node system. Openstack applications is NOT applied.
- Enable HTTPS by "system modify --https_
- Check HTTPS is enabled by "system show". eg:
| https_enabled | True |
- Access platform Horizon by HTTPS from a browser, eg:
https:/
Expected Behavior
------------------
User should be presented with Platform Horizon login page, and login successfully after inputting user name and password.
Actual Behavior
----------------
- Existing session (logged in before https is enabled) is still working
- Access to HTTPS never present login page.
Reproducibility
---------------
100% reproducible
System Configuration
-------
Two node system.
Branch/Pull Time/Commit
-------
BUILD_ID=
JOB="STX_
<email address hidden>"
(Lab alias: cgcs-wildcat-69_70)
Last Pass
---------
BUILD_ID=
JOB="STX_
<email address hidden>"
(Lab alias: cgcs-wildcat-3-6)
As reported by:
https:/
Timestamp/Logs
--------------
>>> [root@controller-0 certs(keystone_
>>> --https_
>>> +------
>>> | Property | Value |
>>> +------
>>> | contact | None |
>>> | created_at | 2019-05-
>>> | description | yow-cgcs-
>>> | https_enabled | True |
>>> | location | None |
>>> | name | yow-cgcs-
>>> | region_name | RegionOne |
>>> | sdn_enabled | False |
>>> | security_feature | spectre_meltdown_v1 |
>>> | service_
>>> | software_version | 19.01 |
>>> | system_mode | duplex |
>>> | system_type | All-in-one |
>>> | timezone | UTC |
>>> | updated_at | 2019-05-
>>> | uuid | abe85f35-
>>> | vswitch_type | ovs-dpdk |
>>> +------
>> [root@controller-0 certs(keystone_
>> tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
>> 1932518/lighttpd
>> tcp6 0 0 :::8080 :::* LISTEN
>> 1932518/lighttpd
>> [root@controller-0 certs(keystone_
>> tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN
>> 1932518/lighttpd
>> tcp6 0 0 :::8443 :::* LISTEN
>> 1932518/lighttpd
System log is attached. Note that HTTPS were turned on/off multiple times.
Test Activity
-------------
Found the issue when working on another Launchpad issue.
https:/
Changed in starlingx: | |
status: | Triaged → In Progress |
tags: | added: stx.retestneeded |
Quoted from Matt Peters: system_ https" RPC handler. The platform: :firewall: :runtime is missing from the list of runtime classes and needs to be added."
"The runtime puppet manifest should be re-applied following the system https reconfiguration, but it looks like it is missing from the "configure_