Ask Your Question
0

lbaasv2-dashboard - TERMINATED_HTTPS greyed out

asked 2017-11-05 18:18:09 -0500

blurrybird gravatar image

Hey all,

I am having trouble gaining access to the TERMINATED_HTTPS protocol while using lbaasv2 load balancers via the horizon dashboard plugin. I can access and control all settings via the CLI using the depreciated neutron lbaas-* commands but the TERMINATED_HTTPS protocol appears grey and inaccessible within the browser GUI.

The existing load balancer created with the CLI appears in horizon, but SSL certificates are not available - none shown - for viewing or updating.

I believe this will be permission related, but would like to know what permissions are required for my personal user account to be able to view and modify these settings. Any help you can provide is greatly appreciated!

edit retag flag offensive close merge delete

Comments

further inspection shows that the horizon dashboard calls controllervip/api/barbican/certificates and secrets/ but both fail with 404. It's akin to the issue described here https://lists.gt.net/openstack/dev/62449

blurrybird gravatar imageblurrybird ( 2017-11-07 17:00:10 -0500 )edit
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2017-11-29 20:18:10 -0500

johnsom gravatar image

Hi there, 404 usually implies there is a mis-configuration somewhere such that a resource is not found. The dashboard uses the barbican client code to access barbican. That code is located here and pretty simple: https://github.com/openstack/octavia-...

Without more information and logs it's hard to pinpoint the issue exactly, but here are some things to investigate: 1. Check that "key-manager" is listed with the correct URL in the keystone endpoints configuration. "openstack endpoint list | grep key-manager". If that URL is incorrect It could cause the barbican client to return a 404. 2. Make sure the project you are using in the dashboard has access to barbican and that project has certificate containers and secrets. Sometimes folks will create these with a different project by accident.

Michael

edit flag offensive delete link more
add a comment
0

answered 2018-07-18 07:48:33 -0500

fmount gravatar image

Hi there, we experienced the same issue but after some investigations we found that there was a problem related to the authentication mechanism from horizon components to keystone: the authentication made a fallback from v3 to v2 causing a silent error to the request of the barbican resource.

From this code: https://github.com/openstack/octaviadashboard/blob/master/octavia_dashboard/api/rest/barbican.py (https://github.com/openstack/octaviad...)

I saw that every authentication went to v3, so I checked it in horizon and fix the api call with the correct value.

Francesco

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2017-11-05 18:15:54 -0500

Seen: 330 times

Last updated: Jul 18 '18

Related questions

Ocata lbaasv2 problem

Rabbitmq unstable error in ocata release

Ocata Horizon launch instance modal only displays boot source "Image" and "Image Snapshot".

Jumbo Frame doesnt work in Ocata-Ubuntu

glance image create stuck in saving state in openstack ocata, [Errno 32] Broken pipe

Need fuel-plugin-neutron-lbaas for Fuel 9.0

Nova can't authenticate to neutron

Unable to list extension for network

Getting an error on Glance Image List

libvirtError: internal error: No free USB ports