Ask Your Question
0

lbaasv2-dashboard - TERMINATED_HTTPS greyed out

asked 2017-11-05 18:18:09 -0500

blurrybird gravatar image

Hey all,

I am having trouble gaining access to the TERMINATED_HTTPS protocol while using lbaasv2 load balancers via the horizon dashboard plugin. I can access and control all settings via the CLI using the depreciated neutron lbaas-* commands but the TERMINATED_HTTPS protocol appears grey and inaccessible within the browser GUI.

The existing load balancer created with the CLI appears in horizon, but SSL certificates are not available - none shown - for viewing or updating.

I believe this will be permission related, but would like to know what permissions are required for my personal user account to be able to view and modify these settings. Any help you can provide is greatly appreciated!

edit retag flag offensive close merge delete

Comments

further inspection shows that the horizon dashboard calls controllervip/api/barbican/certificates and secrets/ but both fail with 404. It's akin to the issue described here https://lists.gt.net/openstack/dev/62449

blurrybird gravatar imageblurrybird ( 2017-11-07 17:00:10 -0500 )edit
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2018-07-18 07:48:33 -0500

fmount gravatar image

Hi there, we experienced the same issue but after some investigations we found that there was a problem related to the authentication mechanism from horizon components to keystone: the authentication made a fallback from v3 to v2 causing a silent error to the request of the barbican resource.

From this code: https://github.com/openstack/octaviadashboard/blob/master/octavia_dashboard/api/rest/barbican.py (https://github.com/openstack/octaviad...)

I saw that every authentication went to v3, so I checked it in horizon and fix the api call with the correct value.

Francesco

edit flag offensive delete link more
add a comment
0

answered 2017-11-29 20:18:10 -0500

johnsom gravatar image

Hi there, 404 usually implies there is a mis-configuration somewhere such that a resource is not found. The dashboard uses the barbican client code to access barbican. That code is located here and pretty simple: https://github.com/openstack/octavia-...

Without more information and logs it's hard to pinpoint the issue exactly, but here are some things to investigate: 1. Check that "key-manager" is listed with the correct URL in the keystone endpoints configuration. "openstack endpoint list | grep key-manager". If that URL is incorrect It could cause the barbican client to return a 404. 2. Make sure the project you are using in the dashboard has access to barbican and that project has certificate containers and secrets. Sometimes folks will create these with a different project by accident.

Michael

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2017-11-05 18:15:54 -0500

Seen: 272 times

Last updated: Jul 18 '18

Related questions

Neutron doesn't know what lbaas is

Error creating in load balancer "Error: source_type" and "Unable to launch load balancer"

lbaasv2 dashboard issues

Ocata - "nova-manage db sync" fails [closed]

Autoscaling not working

LBaaS v2 in Mirantis 9

Create Instance but the status is ERROR

Domain admin can access entities out of scope

openstack loadbalancer create .... give an ip address out of range of my network (198.51.100.1) !!

Devstack Multinode ocata installation