yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #79345
[Bug 1816399] Re: The periodic task to clean up expired console_auth tokens is invalid
** Changed in: nova
Importance: Undecided => Medium
** Also affects: nova/rocky
Importance: Undecided
Status: New
** Also affects: nova/stein
Importance: Undecided
Status: New
** Changed in: nova/rocky
Status: New => Confirmed
** Changed in: nova/rocky
Importance: Undecided => Medium
** Changed in: nova/stein
Status: New => Confirmed
** Changed in: nova/stein
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1816399
Title:
The periodic task to clean up expired console_auth tokens is invalid
Status in OpenStack Compute (nova):
In Progress
Status in OpenStack Compute (nova) rocky series:
Confirmed
Status in OpenStack Compute (nova) stein series:
Confirmed
Bug description:
Description
===========
In compute node, the periodic task to clean up expired console_auth tokens is invalid, can't remove expired console auth tokens for this host.
Steps to reproduce
==================
1.In controller node, config nova-novncproxy using database to store novnc auth tokens.
enable_consoleauth=false
2.In compute node, config vnc server address and token_ttl.
server_proxyclient_address=10.43.203.225
token_ttl=60
3.Restart nova-compute and nova-novncproxy.
4.Using nova command to get novncproxy_base_url and token.
Expected result
===============
The periodic task can remove expired console auth tokens in database.
Actual result
=============
This periodic task is invalid.
Environment
===========
1. Exact version of OpenStack you are running. See the following
master
2. Which hypervisor did you use?
Libvirt + KVM
3. Which networking type did you use?
Neutron with OpenVSwitch
Logs & Configs
==============
1. In console_auth_tokens table, host's value is CONF.vnc.server_proxyclient_address.
def get_vnc_console(self, context, instance):
def get_vnc_port_for_instance(instance_name):
guest = self._host.get_guest(instance)
xml = guest.get_xml_desc()
xml_dom = etree.fromstring(xml)
graphic = xml_dom.find("./devices/graphics[@type='vnc']")
if graphic is not None:
return graphic.get('port')
# NOTE(rmk): We had VNC consoles enabled but the instance in
# question is not actually listening for connections.
raise exception.ConsoleTypeUnavailable(console_type='vnc')
port = get_vnc_port_for_instance(instance.name)
host = CONF.vnc.server_proxyclient_address
return ctype.ConsoleVNC(host=host, port=port)
2. In periodic task, the host's value is hostname.
@periodic_task.periodic_task(spacing=CONF.instance_delete_interval)
def _cleanup_expired_console_auth_tokens(self, context):
"""Remove expired console auth tokens for this host.
Console authorization tokens and their connection data are stored
in the database when a user asks for a console connection to an
instance. After a time they expire. We periodically remove any expired
tokens from the database.
"""
# If the database backend isn't in use, don't bother looking for
# expired tokens. The database backend is not supported for cells v1.
if not CONF.cells.enable:
objects.ConsoleAuthToken.\
clean_expired_console_auths_for_host(context, self.host)
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1816399/+subscriptions
References
