Hello everyone, In my pike lab setup I am having an issue with using an https endpoint for the compute service only through horizon. The python client works fine. Below is what I am seeing. If you think its a bug let me know and I will file a report. Any assistance would be appreciated.
Nova Endpoints Non SSL functioning correctly. root@controller01<mailto:root@controller01>:~# openstack endpoint list |grep compute | 308f5b565c974aa8a080020ce9c84c40 | us-east-dtw | nova | compute | True | public | http://controller01.us-east-dtw.public.lco.cloud:8774/v2.1 | | d941c3f61cae4b95b9a2fb0b10d9c536 | us-east-dtw | nova | compute | True | internal | http://controller01.us-east-dtw.internal.lco.cloud:8774/v2.1 | | db194f0b5aa7402d82da696c0bf32e38 | us-east-dtw | nova | compute | True | admin | http://controller01.us-east-dtw.admin.lco.cloud:8774/v2.1 | root@controller01<mailto:root@controller01>:~# Changed the endpoint to SSL and a new URL. root@controller01<mailto:root@controller01>:~# openstack endpoint list |grep compute | 168593fd00134b5f9278d81b56e16625 | us-east-dtw | nova | compute | True | public | https://compute.apigw.us-east-dtw.lco.cloud:8774/v2.1 | | d941c3f61cae4b95b9a2fb0b10d9c536 | us-east-dtw | nova | compute | True | internal | http://controller01.us-east-dtw.internal.lco.cloud:8774/v2.1 | | db194f0b5aa7402d82da696c0bf32e38 | us-east-dtw | nova | compute | True | admin | http://controller01.us-east-dtw.admin.lco.cloud:8774/v2.1 | Test if the api endpoint is there. From Controller. root@controller01:~# curl https://compute.apigw.us-east-dtw.lco.cloud:8774/v2.1 {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}} Test if the api endpoint is listening and reachable from the Horizon Server. root@horizon01:~# curl https://compute.apigw.us-east-dtw.lco.cloud:8774/v2.1 {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}} Yes it is there and listening from both. Test from the openstack client root@controller01<mailto:root@controller01>:~# openstack server list +--------------------------------------+-----------+--------+-------------------------+-------+----------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+-----------+--------+-------------------------+-------+----------+ | 70ce7c5b-df65-456c-bb26-f4741f78f691 | WinTest-5 | ACTIVE | Admin-RFC1918=10.0.0.23 | | m1.large | | 8eaf4a62-7611-4c39-aab1-39726c4e1461 | WinTest-4 | ACTIVE | Admin-RFC1918=10.0.0.39 | | m1.large | | 9e1e58d2-da74-4c09-a999-e69a4616f244 | WinTest-3 | ACTIVE | Admin-RFC1918=10.0.0.13 | | m1.large | | 24ec52a5-c405-483e-aa58-4af3f4ef6448 | WinTest-2 | ACTIVE | Admin-RFC1918=10.0.0.25 | | m1.large | | 9402a70a-ead3-41ef-bcb6-0ca387295b95 | WinTest-1 | ACTIVE | Admin-RFC1918=10.0.0.38 | | m1.large | +--------------------------------------+-----------+--------+-------------------------+-------+----------+ root@controller01<mailto:root@controller01>:~# Test from Horizon UI. Fail "Unable to Retrieve instance list". This is the error from the horizon error log. [Thu Oct 19 03:50:50.747066 2017] [wsgi:error] [pid 1631:tid 139920712161024] WARNING horizon.exceptions Recoverable error: Unable to establish connection to http://compute.apigw.us-east-dtw.lco.cloud/v2.1/: HTTPConnectionPool(host='compute.apigw.us-east-dtw.lco.cloud', port=80): Max retries exceeded with url: /v2.1/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f41d2d3b050>: Failed to establish a new connection: [Errno 111] Connection refused',)) The obvious problem is that request went to port 80 and is not https:// but why? I double checked local_settings.py and publicURL is set for the endpoint type. Setting it back to the original, non ssl endpoint and horizon works properly. Any ideas? So far I have only seen this issue with Nova. I did swift earlier without issue. root@controller01<mailto:root@controller01>:~# openstack endpoint list |grep object | 169d972b2ac5435cbcfd8900a94f2c61 | us-east-dtw | swift | object-store | True | public | https://object.apigw.us-east-dtw.lco.cloud:8080/v1/AUTH_%(project_id)s | | 5b030e1c00834fbda424a8c0b0c95d17 | us-east-dtw | swift | object-store | True | internal | http://swift01.us-east-dtw.internal.lco.cloud:8080/v1/AUTH_%(project_id)s | | aa6be6369f884f78b01bd965e0b9fa12 | us-east-dtw | swift | object-store | True | admin | http://swift01.us-east-dtw.admin.lco.cloud:8080/v1 | root@controller01<mailto:root@controller01>:~# Thanks in advance. Steve Searles
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
