Thank you Juan Antonio Osorio!

 

With your response, I have fixed this error. I had to add more config in nova.conf.

Here:

[oslo_middleware]
secure_proxy_ssl_header = X-Forwarded-Proto
enable_proxy_headers_parsing = true

 

Now I can use the nova command normally.

 

http://prntscr.com/k2oq7o

 

Thank you very much.

 

 

Thanks and Best Regards!

 

Nguyen Trong Tan

 

Openstack group user VietNam.

 

 

 

From: Juan Antonio Osorio [mailto:jaosor...@gmail.com] 
Sent: Thursday, July 5, 2018 8:37 AM
To: Nguyễn Trọng Tấn <nguyentrongtan...@gmail.com>
Cc: Bogdan Katynski <bogdan.katyn...@workday.com>; 
openstack@lists.openstack.org; Lê Quang Long (VDC-IT) <longlq....@gmail.com>
Subject: Re: [Openstack] Novaclient redirect endpoint https into http

 

Are you using http_to_wsgi_middleware? Gotta enable that in the nova config and 
make sure it's in your paste config.

 

On Wed, 4 Jul 2018, 20:22 Nguyễn Trọng Tấn, <nguyentrongtan...@gmail.com> wrote:

Thank you Katynski for the response.

But I had configured HAProxy correctly. Here is my config: 
http://prntscr.com/k2ofwv

And when I use the openstack command, it is successful. Here: 
http://prntscr.com/k2ogau

I don’t think I configured it wrong. I can create, delete, list, show any VM with 
the openstack command successfully.



Thanks and Best Regards!

Nguyen Trong Tan

Openstack group user VietNam.



-----Original Message-----
From: Bogdan Katynski [mailto:bogdan.katyn...@workday.com]
Sent: Wednesday, July 4, 2018 9:50 PM
To: Nguyễn Trọng Tấn <nguyentrongtan...@gmail.com>
Cc: openstack-operat...@lists.openstack.org; openstack@lists.openstack.org; 
Lê Quang Long (VDC-IT) <longlq....@gmail.com>
Subject: Re: [Openstack] Novaclient redirect endpoint https into http


>  
> But I cannot use the nova command; the nova endpoint has been redirected from 
> https to http. Here: http://prntscr.com/k2e8s6 (command: nova --insecure 
> service list)

First of all, it seems that the nova client is hitting /v2.1 instead of /v2.1/ 
URI and this seems to be triggering the redirect.

Since openstack CLI works, I presume it must be using the correct URL and hence 
it’s not getting redirected.

>  
> And this is error log: Unable to establish connection to 
> http://192.168.30.70:8774/v2.1/: ('Connection aborted.', BadStatusLine("''",))
>  

Looks to me that nova-api does a redirect to an absolute URL. I suspect SSL is 
terminated on the HAProxy and nova-api itself is configured without SSL so it 
redirects to an http URL.

In my opinion, nova would be more load-balancer friendly if it used a relative 
URI in the redirect but that’s outside of the scope of this question and since 
I don’t know the context behind choosing the absolute URL, I could be wrong on 
that.

I had a similar problem with heat-api running behind an Apache reverse proxy, 
and managed to resolve it by applying the workaround from this bug report:

https://bugs.launchpad.net/python-heatclient/+bug/1420907

Setting

X-Forwarded-Proto: https 

before forwarding the request to heat-api fixed the issue for me.

-- 
Bogdan Katyński
freenode: bodgix
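
The redirect behaviour discussed in this thread, as an added example that is not code from any of the posters, nova or oslo.middleware: a backend behind a TLS-terminating proxy builds an absolute http:// redirect until a middleware takes the scheme from X-Forwarded-Proto. The names api_app, ProxyHeaders, redirect_location and TRUSTED_PROXIES are hypothetical, the addresses 192.0.2.10 and 198.51.100.7 are constructed, and the check that the header comes from a known proxy address is an assumption of this example.

```python
# Added illustration: a simplified stand-in, not nova or oslo.middleware code.
TRUSTED_PROXIES = {"192.0.2.10"}  # constructed HAProxy address (assumption)


def api_app(environ, start_response):
    """Backend without TLS: redirects /v2.1 to an absolute /v2.1/ URL."""
    if environ["PATH_INFO"] == "/v2.1":
        location = "%s://%s%s/" % (
            environ["wsgi.url_scheme"], environ["HTTP_HOST"], environ["PATH_INFO"])
        start_response("302 Found", [("Location", location)])
        return [b""]
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok"]


class ProxyHeaders:
    """Take the scheme from X-Forwarded-Proto, but only from a known proxy."""

    def __init__(self, app, enabled=True, trusted=TRUSTED_PROXIES):
        self.app, self.enabled, self.trusted = app, enabled, trusted

    def __call__(self, environ, start_response):
        proto = environ.get("HTTP_X_FORWARDED_PROTO", "").lower()
        from_proxy = environ.get("REMOTE_ADDR") in self.trusted
        if self.enabled and from_proxy and proto in ("http", "https"):
            environ["wsgi.url_scheme"] = proto
        return self.app(environ, start_response)


def redirect_location(app, remote_addr, forwarded_proto=None):
    """Send GET /v2.1 as the backend sees it and return the Location header."""
    environ = {
        "REQUEST_METHOD": "GET", "PATH_INFO": "/v2.1",
        "HTTP_HOST": "192.168.30.70:8774",  # host from the error log above
        "REMOTE_ADDR": remote_addr,
        "wsgi.url_scheme": "http",  # TLS ended at the proxy
    }
    if forwarded_proto:
        environ["HTTP_X_FORWARDED_PROTO"] = forwarded_proto
    captured = {}

    def start_response(status, headers):
        captured.update(headers)

    app(environ, start_response)
    return captured.get("Location")


if __name__ == "__main__":
    print(redirect_location(api_app, "192.0.2.10", "https"))
    print(redirect_location(ProxyHeaders(api_app), "192.0.2.10", "https"))
    print(redirect_location(ProxyHeaders(api_app), "198.51.100.7", "https"))
```

The third call shows why the header should be accepted only from the load balancer: a peer that is not the proxy cannot change the scheme of the redirect.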







_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
