← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #16640

[Bug 1334368] [NEW] HEAD and GET inconsistencies in Keystone

  Thread PreviousDate PreviousThread Next 
Public bug reported:

While trying to convert Keystone to gate/check under mod_wsgi, it was
noticed that occasionally a few HEAD calls were returning HTTP 200 where
under eventlet they consistently return HTTP 204.

This is an inconsistency within Keystone. Based upon the RFC, HEAD
should be identitcal to GET except that there is no body returned.
Apache + MOD_WSGI in some cases converts a HEAD request to a GET request
to the back-end wsgi application to avoid issues where the headers
cannot be built to be sent as part of the response (this can occur when
no content is returned from the wsgi app).

This situation shows that Keystone should likely never build specific
HEAD request methods and have HEAD simply call to the controller GET
handler, the wsgi-layer should then simply remove the response body.

This will help to simplify Keystone's code as well as mkae the API
responses more consistent.

Example Error in Gate:

2014-06-25 05:20:37.820 | tempest.api.identity.admin.v3.test_trusts.TrustsV3TestJSON.test_trust_expire[gate,smoke]
2014-06-25 05:20:37.820 | ----------------------------------------------------------------------------------------
2014-06-25 05:20:37.820 | 
2014-06-25 05:20:37.820 | Captured traceback:
2014-06-25 05:20:37.820 | ~~~~~~~~~~~~~~~~~~~
2014-06-25 05:20:37.820 |     Traceback (most recent call last):
2014-06-25 05:20:37.820 |       File "tempest/api/identity/admin/v3/test_trusts.py", line 241, in test_trust_expire
2014-06-25 05:20:37.820 |         self.check_trust_roles()
2014-06-25 05:20:37.820 |       File "tempest/api/identity/admin/v3/test_trusts.py", line 173, in check_trust_roles
2014-06-25 05:20:37.821 |         self.assertEqual('204', resp['status'])
2014-06-25 05:20:37.821 |       File "/usr/local/lib/python2.7/dist-packages/testtools/testcase.py", line 321, in assertEqual
2014-06-25 05:20:37.821 |         self.assertThat(observed, matcher, message)
2014-06-25 05:20:37.821 |       File "/usr/local/lib/python2.7/dist-packages/testtools/testcase.py", line 406, in assertThat
2014-06-25 05:20:37.821 |         raise mismatch_error
2014-06-25 05:20:37.821 |     MismatchError: '204' != '200'


This is likely going to require changes to Keystone, Keystoneclient, Tempest, and possibly services that consume data from keystone.

** Affects: keystone
     Importance: Medium
     Assignee: Morgan Fainberg (mdrnstm)
         Status: Triaged

** Changed in: keystone
   Importance: Undecided => Medium

** Changed in: keystone
       Status: New => Triaged

** Changed in: keystone
     Assignee: (unassigned) => Morgan Fainberg (mdrnstm)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1334368

Title:
  HEAD and GET inconsistencies in Keystone

Status in OpenStack Identity (Keystone):
  Triaged

Bug description:
  While trying to convert Keystone to gate/check under mod_wsgi, it was
  noticed that occasionally a few HEAD calls were returning HTTP 200
  where under eventlet they consistently return HTTP 204.

  This is an inconsistency within Keystone. Based upon the RFC, HEAD
  should be identitcal to GET except that there is no body returned.
  Apache + MOD_WSGI in some cases converts a HEAD request to a GET
  request to the back-end wsgi application to avoid issues where the
  headers cannot be built to be sent as part of the response (this can
  occur when no content is returned from the wsgi app).

  This situation shows that Keystone should likely never build specific
  HEAD request methods and have HEAD simply call to the controller GET
  handler, the wsgi-layer should then simply remove the response body.

  This will help to simplify Keystone's code as well as mkae the API
  responses more consistent.

  Example Error in Gate:

  2014-06-25 05:20:37.820 | tempest.api.identity.admin.v3.test_trusts.TrustsV3TestJSON.test_trust_expire[gate,smoke]
  2014-06-25 05:20:37.820 | ----------------------------------------------------------------------------------------
  2014-06-25 05:20:37.820 | 
  2014-06-25 05:20:37.820 | Captured traceback:
  2014-06-25 05:20:37.820 | ~~~~~~~~~~~~~~~~~~~
  2014-06-25 05:20:37.820 |     Traceback (most recent call last):
  2014-06-25 05:20:37.820 |       File "tempest/api/identity/admin/v3/test_trusts.py", line 241, in test_trust_expire
  2014-06-25 05:20:37.820 |         self.check_trust_roles()
  2014-06-25 05:20:37.820 |       File "tempest/api/identity/admin/v3/test_trusts.py", line 173, in check_trust_roles
  2014-06-25 05:20:37.821 |         self.assertEqual('204', resp['status'])
  2014-06-25 05:20:37.821 |       File "/usr/local/lib/python2.7/dist-packages/testtools/testcase.py", line 321, in assertEqual
  2014-06-25 05:20:37.821 |         self.assertThat(observed, matcher, message)
  2014-06-25 05:20:37.821 |       File "/usr/local/lib/python2.7/dist-packages/testtools/testcase.py", line 406, in assertThat
  2014-06-25 05:20:37.821 |         raise mismatch_error
  2014-06-25 05:20:37.821 |     MismatchError: '204' != '200'

  
  This is likely going to require changes to Keystone, Keystoneclient, Tempest, and possibly services that consume data from keystone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1334368/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next