[Openstack] HEAT - Prohibited endpoint redirect

Jean-Daniel BUSSY silversurfer972 at gmail.com
Wed Nov 20 15:38:32 UTC 2013 

Seems legit.
Did you manually hide the public url ip for discretion or? Just to make
sure...


*BUSSY Jean-Daniel*
Cloud Engineer | GREE
Mobile: +81 090-3317-1337
Email: silversurfer972 at gmail.com


On Wed, Nov 20, 2013 at 11:30 PM, Therese Persson <
therese.persson at ericsson.com> wrote:

>  Here is a text file with my service list and endpoint list.
>
>
>
> /Therese
>
>
>
>
>
>
>
> *From:* Jean-Daniel BUSSY [mailto:silversurfer972 at gmail.com]
> *Sent:* den 20 november 2013 15:00
>
> *To:* Therese Persson
> *Cc:* openstack at lists.openstack.org
> *Subject:* Re: [Openstack] HEAT - Prohibited endpoint redirect
>
>
>
> Can you paste your endpoint list?
>
>
>
> *BUSSY Jean-Daniel*
>
> Cloud Engineer | GREE
> Mobile: +81 090-3317-1337
> Email: silversurfer972 at gmail.com
>
>
>
> On Wed, Nov 20, 2013 at 9:37 PM, Therese Persson <
> therese.persson at ericsson.com> wrote:
>
> Thank you for the help, I changed the endpoint yesterday but it did not
> work at first.
> Though, when I tried to delete the stack today it had suddenly started
> working, even though I have not changed anything else or rebooted the
> machines.
>
>
>
> Really strange…
>
>
>
>
>
>
>
> *From:* Jean-Daniel BUSSY [mailto:silversurfer972 at gmail.com]
> *Sent:* den 20 november 2013 07:24
> *To:* Therese Persson
> *Cc:* openstack at lists.openstack.org
>
>
> *Subject:* Re: [Openstack] HEAT - Prohibited endpoint redirect
>
>
>
> ​​
>
> Ok I looked the endpoints list in a fresh devstack I here is what I found:
>
>
> | 757f96ee33f14fdeac43788cc403ffe6 | RegionOne |
> http://10.0.2.15:8004/v1/$(tenant_id)s |
> http://10.0.2.15:8004/v1/$(tenant_id)s |
> http://10.0.2.15:8004/v1/$(tenant_id)s | ca31fc15accd45698155b6a28e6b326c
> |
>
> The culprit is that antislash "\" that should be used to escape the "("
> and actually end up in the endpoint url.
>
> You should delete the faulty endpoint and add it again like this:
>
>
> keystone endpoint-create --service-id=*[your-service-id]*
>  --publicurl='http://*[controller]*:8004/v1/$(tenant_id)s'
> --internalurl='http://*[controller]*:8004/v1/$(tenant_id)s'
> --adminurl='http://*[controller]*:8004/v1/$(tenant_id)s'
>
> The current havana documentation is a real massacre.
>
> I found the cisco guide to be relevant:
>
> http://docwiki.cisco.com/wiki/OpenStack_Havana_Release:_High-Availability_Manual_Deployment_Guide#Neutron_Installation
>
> Good luck
>
>
>
>
>
>
> *BUSSY Jean-Daniel*
> Cloud Engineer | GREE
> Mobile: +81 090-3317-1337
> Email: silversurfer972 at gmail.com
>
>
>
> On Thu, Nov 14, 2013 at 1:21 AM, Therese Persson <
> therese.persson at ericsson.com> wrote:
>
> Hi,
>
>
>
> I have installed Heat on my controller node and it worked fine two days
> ago, but now I have encountered some problems.
>
> I am still able to create stacks, but I can’t delete the stacks I have
> created. I can delete the instances manually, but when I try to delete the
> stacks I get this message:
>
>
>
> Prohibited endpoint redirect
> http://[EXTERNAL_IP]:8004/v1/%5C519c6e2d263049adba404441f18aac40/stacks/stack4/e67ba337-3f5a-4184-ad45-8445cbfd2d0c
>
>
>
> I also get the same message when I do the command “heat stack-show”. I
> can’t find anything related to the problem in my heat logs.
>
>
>
> /var/log/apache2/error.log:
>
>
>
> [Wed Nov 13 15:59:56 2013] [error] Internal Server Error:
> /horizon/project/stacks/
>
> [Wed Nov 13 15:59:56 2013] [error] Traceback (most recent call last):
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py", line 115,
> in get_response
>
> [Wed Nov 13 15:59:56 2013] [error]     response = callback(request,
> *callback_args, **callback_kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/decorators.py", line 38, in dec
>
> [Wed Nov 13 15:59:56 2013] [error]     return view_func(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/decorators.py", line 54, in dec
>
> [Wed Nov 13 15:59:56 2013] [error]     return view_func(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/decorators.py", line 38, in dec
>
> [Wed Nov 13 15:59:56 2013] [error]     return view_func(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/decorators.py", line 86, in dec
>
> [Wed Nov 13 15:59:56 2013] [error]     return view_func(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/django/views/generic/base.py", line 68,
> in view
>
> [Wed Nov 13 15:59:56 2013] [error]     return self.dispatch(request,
> *args, **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/django/views/generic/base.py", line 86,
> in dispatch
>
> [Wed Nov 13 15:59:56 2013] [error]     return handler(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/views.py", line 163, in
> post
>
> [Wed Nov 13 15:59:56 2013] [error]     return self.get(request, *args,
> **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/views.py", line 155, in get
>
> [Wed Nov 13 15:59:56 2013] [error]     handled = self.construct_tables()
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/views.py", line 146, in
> construct_tables
>
> [Wed Nov 13 15:59:56 2013] [error]     handled = self.handle_table(table)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/views.py", line 121, in
> handle_table
>
> [Wed Nov 13 15:59:56 2013] [error]     handled =
> self._tables[name].maybe_handle()
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/base.py", line 1256, in
> maybe_handle
>
> [Wed Nov 13 15:59:56 2013] [error]     return
> self.take_action(action_name, obj_id)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/base.py", line 1189, in
> take_action
>
> [Wed Nov 13 15:59:56 2013] [error]     response = action.multiple(self,
> self.request, obj_ids)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/actions.py", line 263, in
> multiple
>
> [Wed Nov 13 15:59:56 2013] [error]     return self.handle(data_table,
> request, object_ids)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/actions.py", line 617, in
> handle
>
> [Wed Nov 13 15:59:56 2013] [error]     exceptions.handle(request,
> ignore=ignore)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/horizon/tables/actions.py", line 601, in
> handle
>
> [Wed Nov 13 15:59:56 2013] [error]     self.action(request, datum_id)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/stacks/tables.py",
> line 46, in action
>
> [Wed Nov 13 15:59:56 2013] [error]     api.heat.stack_delete(request,
> stack_id)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/api/heat.py",
> line 60, in stack_delete
>
> [Wed Nov 13 15:59:56 2013] [error]     return
> heatclient(request).stacks.delete(stack_id)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/heatclient/v1/stacks.py", line 117, in
> delete
>
> [Wed Nov 13 15:59:56 2013] [error]     self._delete("/stacks/%s" %
> stack_id)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/heatclient/common/base.py", line 64, in
> _delete
>
> [Wed Nov 13 15:59:56 2013] [error]     self.api.raw_request('DELETE', url)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 212, in
> raw_request
>
> [Wed Nov 13 15:59:56 2013] [error]     return self._http_request(url,
> method, **kwargs)
>
> [Wed Nov 13 15:59:56 2013] [error]   File
> "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 172, in
> _http_request
>
> [Wed Nov 13 15:59:56 2013] [error]     raise
> exc.InvalidEndpoint(message=message)
>
> [Wed Nov 13 15:59:56 2013] [error] InvalidEndpoint: Prohibited endpoint
> redirect
> http://[EXTERNAL_IP]:8004/v1/%5C519c6e2d263049adba404441f18aab60/stacks/stack5/5141061b-67b4-4a15-b32f-bacfa15864dc
>
>
>
>
>
> Heat.conf:
>
>
>
> sql_connection = mysql://heat:heat@10.10.10.51/heat
>
>
>
> [keystone_authtoken]
>
> auth_host = 10.10.10.51
>
> auth_uri = http://10.10.10.51:35357/v2.0
>
> auth_port = 35357
>
> auth_protocol = http
>
> admin_tenant_name = service
>
> admin_user = heat
>
> admin_password = heat
>
>
>
> Everything else is commented.
>
>
>
> /etc/heat/api-paste.ini:
>
>
>
> # heat-api pipeline
>
> [pipeline:heat-api]
>
> pipeline = faultwrap versionnegotiation authtoken context apiv1app
>
>
>
> # heat-api pipeline for standalone heat
>
> # ie. uses alternative auth backend that authenticates users against
> keystone
>
> # using username and password instead of validating token (which requires
>
> # an admin/service token).
>
> # To enable, in heat.conf:
>
> #   [paste_deploy]
>
> #   flavor = standalone
>
> #
>
> [pipeline:heat-api-standalone]
>
> pipeline = faultwrap versionnegotiation authpassword context apiv1app
>
>
>
> # heat-api pipeline for custom cloud backends
>
> # i.e. in heat.conf:
>
> #   [paste_deploy]
>
> #   flavor = custombackend
>
> #
>
> [pipeline:heat-api-custombackend]
>
> pipeline = faultwrap versionnegotiation context custombackendauth apiv1app
>
>
>
> # heat-api-cfn pipeline
>
> [pipeline:heat-api-cfn]
>
> pipeline = cfnversionnegotiation ec2authtoken authtoken context apicfnv1app
>
>
>
> # heat-api-cfn pipeline for standalone heat
>
> # relies exclusively on authenticating with ec2 signed requests
>
> [pipeline:heat-api-cfn-standalone]
>
> pipeline = cfnversionnegotiation ec2authtoken context apicfnv1app
>
>
>
> # heat-api-cloudwatch pipeline
>
> [pipeline:heat-api-cloudwatch]
>
> pipeline = versionnegotiation ec2authtoken authtoken context apicwapp
>
>
>
> # heat-api-cloudwatch pipeline for standalone heat
>
> # relies exclusively on authenticating with ec2 signed requests
>
> [pipeline:heat-api-cloudwatch-standalone]
>
> pipeline = versionnegotiation ec2authtoken context apicwapp
>
>
>
> [app:apiv1app]
>
> paste.app_factory = heat.common.wsgi:app_factory
>
> heat.app_factory = heat.api.openstack.v1:API
>
>
>
> [app:apicfnv1app]
>
> paste.app_factory = heat.common.wsgi:app_factory
>
> heat.app_factory = heat.api.cfn.v1:API
>
>
>
> [app:apicwapp]
>
> paste.app_factory = heat.common.wsgi:app_factory
>
> heat.app_factory = heat.api.cloudwatch:API
>
>
>
> [filter:versionnegotiation]
>
> paste.filter_factory = heat.common.wsgi:filter_factory
>
> heat.filter_factory = heat.api.openstack:version_negotiation_filter
>
>
>
> [filter:faultwrap]
>
> paste.filter_factory = heat.common.wsgi:filter_factory
>
> heat.filter_factory = heat.api.openstack:faultwrap_filter
>
>
>
> [filter:cfnversionnegotiation]
>
> paste.filter_factory = heat.common.wsgi:filter_factory
>
> heat.filter_factory = heat.api.cfn:version_negotiation_filter
>
>
>
> [filter:cwversionnegotiation]
>
> paste.filter_factory = heat.common.wsgi:filter_factory
>
> heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
>
>
>
> [filter:context]
>
> paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
>
>
>
> [filter:ec2authtoken]
>
> paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
>
>
>
> # Auth middleware that validates token against keystone
>
> [filter:authtoken]
>
> paste.filter_factory = heat.common.auth_token:filter_factory
>
> auth_uri = http://10.10.10.51:35357/v2.0
>
>
>
> # Auth middleware that validates username/password against keystone
>
> [filter:authpassword]
>
> paste.filter_factory = heat.common.auth_password:filter_factory
>
>
>
> # Auth middleware that validates against custom backend
>
> [filter:custombackendauth]
>
> paste.filter_factory = heat.common.custom_backend_auth:filter_factory
>
>
>
> Any ideas?
>
> /Therese
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131121/f8aa339d/attachment.html>

More information about the Openstack mailing list