On Tue, Sep 28 2021 at 05:19:29 PM +1000, Ian Wienand <iwienand@redhat.com> wrote:
On Tue, Sep 28, 2021 at 03:27:23PM +1000, Ian Wienand wrote:
The recent security update @
https://launchpad.net/ubuntu/focal/+source/apache2/+changelog
does a lot of stuff.
frickler was actually onto this before me; see [1].
In short, it looks like we have found an issue with our ProxyPass config and the way it uses trailing slashes. See [2]
We can either do
ProxyPass "/placement/" "unix:/var/run/uwsgi/placement-api.socket|uwsgi://uwsgi-uds-placement-api/" retry=0
(note "placement/" and then "uwsgi://uwsgi-uds-placement-api/") or
ProxyPass "/placement" "unix:/var/run/uwsgi/placement-api.socket|uwsgi://uwsgi-uds-placement-api" retry=0
both appear to work. I'm not sure which is better? We could enforce either in the function. As of right now 811303 is still testing, but it's looking good.
Thank you all for troubleshooting and finding the solution. I think we need to use the '/placement' variant to allow GET http://<ip>/placement to be routed to the placement app. As far as I see if we use '/placement/' variant then /placement is not routed and that would be a breaking API change. Cheers, gibi
-i
[1] https://meetings.opendev.org/irclogs/%23openstack-qa/%23openstack-qa.2021-09... [2] https://review.opendev.org/c/openstack/devstack/+/811303