← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1816399] [NEW] The periodic task to clean up expired console_auth tokens is invalid

 

Public bug reported:

Description
===========
In compute node, the periodic task to clean up expired console_auth tokens is invalid, can't remove expired console auth tokens for this host.

Steps to reproduce
==================
1.In controller node, config nova-novncproxy using database to store novnc auth tokens.
enable_consoleauth=false

2.In compute node, config vnc server address and token_ttl.
server_proxyclient_address=10.43.203.225
token_ttl=60

3.Restart nova-compute and nova-novncproxy.

4.Using nova command to get novncproxy_base_url and token.

Expected result
===============
The periodic task can remove expired console auth tokens in database.

Actual result
=============

This periodic task is invalid.


Environment
===========
1. Exact version of OpenStack you are running. See the following
master

2. Which hypervisor did you use?
Libvirt + KVM

3. Which networking type did you use?
Neutron with OpenVSwitch

Logs & Configs
==============
1. In console_auth_tokens table, host's value is CONF.vnc.server_proxyclient_address.

    def get_vnc_console(self, context, instance):
        def get_vnc_port_for_instance(instance_name):
            guest = self._host.get_guest(instance)

            xml = guest.get_xml_desc()
            xml_dom = etree.fromstring(xml)

            graphic = xml_dom.find("./devices/graphics[@type='vnc']")
            if graphic is not None:
                return graphic.get('port')
            # NOTE(rmk): We had VNC consoles enabled but the instance in
            # question is not actually listening for connections.
            raise exception.ConsoleTypeUnavailable(console_type='vnc')

        port = get_vnc_port_for_instance(instance.name)
        host = CONF.vnc.server_proxyclient_address

        return ctype.ConsoleVNC(host=host, port=port)


2. In periodic task, the host's value is hostname.

    @periodic_task.periodic_task(spacing=CONF.instance_delete_interval)
    def _cleanup_expired_console_auth_tokens(self, context):
        """Remove expired console auth tokens for this host.

        Console authorization tokens and their connection data are stored
        in the database when a user asks for a console connection to an
        instance. After a time they expire. We periodically remove any expired
        tokens from the database.
        """
        # If the database backend isn't in use, don't bother looking for
        # expired tokens. The database backend is not supported for cells v1.
        if not CONF.cells.enable:
            objects.ConsoleAuthToken.\
                clean_expired_console_auths_for_host(context, self.host)

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1816399

Title:
  The periodic task to clean up expired console_auth tokens is invalid

Status in OpenStack Compute (nova):
  New

Bug description:
  Description
  ===========
  In compute node, the periodic task to clean up expired console_auth tokens is invalid, can't remove expired console auth tokens for this host.

  Steps to reproduce
  ==================
  1.In controller node, config nova-novncproxy using database to store novnc auth tokens.
  enable_consoleauth=false

  2.In compute node, config vnc server address and token_ttl.
  server_proxyclient_address=10.43.203.225
  token_ttl=60

  3.Restart nova-compute and nova-novncproxy.

  4.Using nova command to get novncproxy_base_url and token.

  Expected result
  ===============
  The periodic task can remove expired console auth tokens in database.

  Actual result
  =============

  This periodic task is invalid.

  
  Environment
  ===========
  1. Exact version of OpenStack you are running. See the following
  master

  2. Which hypervisor did you use?
  Libvirt + KVM

  3. Which networking type did you use?
  Neutron with OpenVSwitch

  Logs & Configs
  ==============
  1. In console_auth_tokens table, host's value is CONF.vnc.server_proxyclient_address.

      def get_vnc_console(self, context, instance):
          def get_vnc_port_for_instance(instance_name):
              guest = self._host.get_guest(instance)

              xml = guest.get_xml_desc()
              xml_dom = etree.fromstring(xml)

              graphic = xml_dom.find("./devices/graphics[@type='vnc']")
              if graphic is not None:
                  return graphic.get('port')
              # NOTE(rmk): We had VNC consoles enabled but the instance in
              # question is not actually listening for connections.
              raise exception.ConsoleTypeUnavailable(console_type='vnc')

          port = get_vnc_port_for_instance(instance.name)
          host = CONF.vnc.server_proxyclient_address

          return ctype.ConsoleVNC(host=host, port=port)

  
  2. In periodic task, the host's value is hostname.

      @periodic_task.periodic_task(spacing=CONF.instance_delete_interval)
      def _cleanup_expired_console_auth_tokens(self, context):
          """Remove expired console auth tokens for this host.

          Console authorization tokens and their connection data are stored
          in the database when a user asks for a console connection to an
          instance. After a time they expire. We periodically remove any expired
          tokens from the database.
          """
          # If the database backend isn't in use, don't bother looking for
          # expired tokens. The database backend is not supported for cells v1.
          if not CONF.cells.enable:
              objects.ConsoleAuthToken.\
                  clean_expired_console_auths_for_host(context, self.host)

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1816399/+subscriptions


Follow ups