Thursday, 2018-11-01

mgagne	so far... in horizon.decorators request.user=AnonymousUser when calling require_auth. that's all I found for now.	00:04
adriant	mgagne: At the very least, open a bug for it with the notes of what you've found	00:32
mgagne	I think I found the issue, just tracking the git history	00:32
adriant	ooo?!	00:32
mgagne	https://github.com/openstack/horizon/blob/master/openstack_auth/backend.py#L72	00:33
mgagne	request is not available and there is a note about monkey patching	00:33
*** betherly has joined #openstack-horizon		00:35
mgagne	usage of self.request goes up to original commit in django_openstack_auth: https://github.com/openstack/django_openstack_auth/commit/9962375e0c5209ff82b7d6b5fda92bfec8dc4e1c	00:35
mgagne	so I'm not sure how it ever worked	00:36
mgagne	because once you are logged, it looks like you don't go through that code path, can't find my debug log	00:36
mgagne	there is patch_middleware_get_user in openstack_auth which monkey patches the get_user of the backend and injects the request attribute. I'm not sure what's supposed to call it.	00:39
adriant	interesting	00:39
mgagne	but your name is in the comments so I feel you should know something :P	00:39
*** betherly has quit IRC		00:39
mgagne	https://github.com/openstack/horizon/blob/master/openstack_auth/utils.py#L63	00:39
mgagne	called here https://github.com/openstack/horizon/blob/master/openstack_auth/urls.py#L20	00:40
adriant	huh	00:41
adriant	so it is	00:41
adriant	Oh, I know why. It's because I was doing the work to migrate between Django versions	00:41
mgagne	and here https://github.com/openstack/horizon/blob/master/openstack_dashboard/settings.py#L196	00:41
mgagne	I don't know what in Django/Horizon loads it	00:42
adriant	https://github.com/openstack/django_openstack_auth/commit/601e1ad44c18b9665c2ec6886438299de72d3761	00:43
mgagne	well, I do use Django 1.11 and it's broken ¯\_(ツ)_/¯	00:43
adriant	I'm curious if this bug existed in earlier versions	00:44
mgagne	https://github.com/openstack/horizon/blob/master/openstack_dashboard/urls.py#L52	00:45
adriant	so it does get called	00:46
adriant	just, in a very roundabout way	00:46
mgagne	nope, only "introspected"	00:46
adriant	OH	00:46
adriant	ffs	00:47
mgagne	but if you access any pages under auth/ in a different browser, you don't get the issue anymore	00:47
adriant	so until it gets called at least once, that code path isn't executed	00:47
mgagne	because now it gets loaded for real	00:47
mgagne	yea	00:47
adriant	so we need to move that function call somewhere else	00:47
mgagne	I suppose ;)	00:47
*** cshen has joined #openstack-horizon		00:50
*** cshen has quit IRC		00:54
*** betherly has joined #openstack-horizon		00:56
adriant	nope	00:57
adriant	tried moving it to openstack_dashboard/urls.py	00:58
adriant	same error	00:58
mgagne	I tried to move it around and I get other errors from Django	01:01
*** betherly has quit IRC		01:01
mgagne	could be that django.contrib.auth.middleware.AuthenticationMiddleware is already loaded at that moment	01:03
mgagne	but at this point, I'm like that dog in the lab, I don't know what I'm doing.	01:04
adriant	yeah, that's about where I got to when chasing this last time. :/	01:06
mgagne	so django.middleware.common.CommonMiddleware is early enough but might not be the right place. :P	01:06
mgagne	I might just create a dummy middleware and load it from there	01:08
mgagne	someone else had a similar idea https://opensourcehacker.com/2010/08/12/applying-monkey-patches-in-django-middleware-layer/	01:09
mgagne	I'm gonna be that guy https://gist.github.com/mgagne/185776102e73766571978ac295861baa	01:13
*** dayou has quit IRC		01:38
adriant	does it work?	01:47
mgagne	yes	01:47
mgagne	I can restart with 20 processes, no issue.	01:48
*** betherly has joined #openstack-horizon		01:48
mgagne	just going to reset my environment to make sure	01:48
mgagne	all looks fine, currently repackaging on my side	01:50
adriant	just adding the same to my code and will test	01:51
adriant	where in the middleware classes list did you put it?	01:51
mgagne	1st one	01:51
*** betherly has quit IRC		01:52
adriant	works!	01:55
adriant	I've limited gunicorn to 1 worker, and am having it restart after 5 requests	01:55
adriant	i've not seen a logout	01:56
mgagne	=)	01:56
adriant	mgagne: I expect to see a patch asap, and I would still file a bug report to help the horizon team understand the bug	01:58
adriant	mgagne: thanks sooooo much	01:59
adriant	I can't wait to port this to our build	01:59
mgagne	hehe, it bothers me too	01:59
adriant	mostly because... horizon has a memory leak problem, and we solve that by restarting it often...	02:00
adriant	which makes our users get "logged out"	02:00
mgagne	ouch	02:00
mgagne	yea, we had to restart Horizon too, OOM. but running Kilo in some environments.	02:00
adriant	so the memory problem is mostly due to the memoized cached	02:01
mgagne	there is a bug already: https://bugs.launchpad.net/horizon/+bug/1764622	02:01
openstack	Launchpad bug 1764622 in OpenStack Dashboard (Horizon) "Restarting the web server causes users to get kicked out" [Undecided,Confirmed]	02:01
adriant	and the solution (sort of) to the memory leak issue: https://review.openstack.org/#/c/605024/ and https://review.openstack.org/#/c/608801	02:02
adriant	oh cool, not sure how I missed that bug	02:02
openstackgerrit	Adrian Turjak proposed openstack/horizon master: rework memoized as a LRU cache with expiry https://review.openstack.org/608801	02:12
mgagne	ok, added details in bug, I will propose a fix tomorrow as it's 10pm here. you can propose a fix too if you want or have a better idea.	02:17
adriant	nah, that fix is perfect	02:19
adriant	mgagne: but do add me to review :)	02:19
adriant	and if the memory leak affects you, feel free to review/test the above two patches	02:20
mgagne	it took a couple of weeks/months to get the OOM :P	02:20
mgagne	or maybe it crashed and restarted by itself with Puppet. who knows	02:21
adriant	ah, and no many users probably?	02:22
adriant	not*	02:22
openstackgerrit	Mathieu Gagné proposed openstack/horizon master: Fix django.contrib.auth.middleware monkey patching https://review.openstack.org/614673	02:36
mgagne	we have multiple web servers too so I don't know for sure.	02:37
openstackgerrit	Mathieu Gagné proposed openstack/horizon master: Fix django.contrib.auth.middleware monkey patching https://review.openstack.org/614673	02:43
*** Leo_m has quit IRC		02:45
*** Leo_m has joined #openstack-horizon		02:50
*** cshen has joined #openstack-horizon		02:51
*** cshen has quit IRC		02:55
*** betherly has joined #openstack-horizon		03:21
*** betherly has quit IRC		03:26
*** btully has joined #openstack-horizon		03:38
*** btully has quit IRC		03:42
*** betherly has joined #openstack-horizon		03:53
openstackgerrit	Andy Botting proposed openstack/horizon master: Support setting more visibility options for edit/create image https://review.openstack.org/602468	03:55
openstackgerrit	Andy Botting proposed openstack/horizon master: Better support for community images https://review.openstack.org/614688	03:55
*** betherly has quit IRC		03:57
openstackgerrit	Andy Botting proposed openstack/horizon master: Support setting more visibility options for edit/create image https://review.openstack.org/602468	03:58
*** dayou has joined #openstack-horizon		03:59
*** betherly has joined #openstack-horizon		04:24
*** betherly has quit IRC		04:29
*** cshen has joined #openstack-horizon		04:51
*** cshen has quit IRC		04:56
openstackgerrit	Adrian Turjak proposed openstack/horizon master: Fix django.contrib.auth.middleware monkey patching https://review.openstack.org/614673	04:58
adriant	mgagne: I've submitted some additional cleanup to your patch rather than leaving notes because I thought it would make your life a little easier than chasing comments. :)	05:12
*** betherly has joined #openstack-horizon		05:16
*** betherly has quit IRC		05:21
*** ircuser-1 has quit IRC		05:24
*** btully has joined #openstack-horizon		05:26
*** btully has quit IRC		05:31
openstackgerrit	Adrian Turjak proposed openstack/horizon master: IGNORE THIS https://review.openstack.org/614697	05:37
*** betherly has joined #openstack-horizon		05:37
*** betherly has quit IRC		05:42
*** betherly has joined #openstack-horizon		05:57
*** betherly has quit IRC		06:02
*** cshen has joined #openstack-horizon		06:15
*** cshen has quit IRC		06:21
*** cshen has joined #openstack-horizon		06:43
*** cshen has quit IRC		07:08
*** cshen has joined #openstack-horizon		07:14
*** cshen has quit IRC		07:19
*** cshen has joined #openstack-horizon		07:34
*** cshen has quit IRC		07:39
*** pcaruana\|elisa\| has joined #openstack-horizon		07:40
openstackgerrit	OpenStack Proposal Bot proposed openstack/horizon master: Imported Translations from Zanata https://review.openstack.org/614704	07:50
*** pcaruana\|elisa\| has quit IRC		07:59
*** pcaruana has joined #openstack-horizon		08:05
*** cshen has joined #openstack-horizon		08:06
*** cshen has quit IRC		08:38
*** cshen has joined #openstack-horizon		08:48
*** rdopiera has joined #openstack-horizon		08:55
*** jpich has joined #openstack-horizon		09:00
*** e0ne has joined #openstack-horizon		09:43
*** ChanServ sets mode: +o e0ne		09:43
*** v12aml has joined #openstack-horizon		09:44
*** phuongnh has joined #openstack-horizon		10:15
*** phuongnh has quit IRC		10:31
*** e0ne has quit IRC		10:32
*** e0ne has joined #openstack-horizon		10:36
*** ChanServ sets mode: +o e0ne		10:36
*** jtomasek has quit IRC		10:43
*** jtomasek has joined #openstack-horizon		10:45
*** dave-mccowan has joined #openstack-horizon		10:45
*** btully has joined #openstack-horizon		10:53
*** btully has quit IRC		10:57
*** pcaruana has quit IRC		11:05
*** cshen has quit IRC		11:50
*** cshen has joined #openstack-horizon		11:52
*** pcaruana has joined #openstack-horizon		11:52
mgagne	adriant: go ahead	12:25
adriant	mgagne: I already did, and it seems to have actually fixed a failure :)	12:26
adriant	to test that I pushed https://review.openstack.org/#/c/614697/ to see if the same failure happened again, and it did	12:27
mgagne	was it mostly related to how tests were done?	12:27
adriant	more so to how the middleware was used	12:27
adriant	it needed to be able to be called	12:28
mgagne	in tests right? because I didn't see any issue so far in my setup	12:28
adriant	when I included the monkey patching middleware, the tests kept failing because something kept trying to call the middleware	12:28
adriant	so adding that extra logic to the middleware which does pretty much nothing fixed it	12:29
mgagne	+1	12:29
* adriant isn't exactly sure what he fixed, but it works so shrug		12:29
adriant	and now we aren't being silly and also calling the middleware in weird places	12:30
adriant	I mean	12:30
adriant	calling the monkeypatch	12:30
mgagne	I'm not sure I fully understand the fix because there is no __init__ in the other middlewares	12:31
mgagne	hmm	12:32
mgagne	found one in MiddlewareMixin	12:32
mgagne	ok, so be it	12:32
adriant	https://docs.djangoproject.com/en/1.11/topics/http/middleware/	12:33
adriant	django's example middleware has it	12:33
adriant	that's pretty much what I based it on	12:33
adriant	let me revert my code a sec and rerun the tests, I can show you the failure	12:33
mgagne	it's fine, I saw the failure yesterday	12:35
mgagne	something like object() takes no parameters	12:36
adriant	mgagne: http://paste.openstack.org/show/733773/	12:36
adriant	yeah, that	12:36
mgagne	still weird because I didn't get any issue in unit tests on my side with queens. Django==1.11.9	12:38
mgagne	or it doesn't test what I think it's testing :D	12:38
adriant	it only happened for me when I added the middleware to the openstack_auth test settings.py	12:40
adriant	but the extra code in the middleware effectively does nothing, so it doesn't matter anyway and I guess is now compatible with whatever different ways it can be used	12:41
adriant	I'm still just so happy and thankful you found the bug!	12:42
mgagne	=) finally	12:42
adriant	with that gone our memory leak problems, while still not idle, are mostly fixed with having uwsgi or gunicorn restart the workers more often.	12:42
mgagne	now... how hard would it be to fix that "bug" ? ;) https://bugs.launchpad.net/horizon/+bug/1609777	12:45
openstack	Launchpad bug 1609777 in OpenStack Dashboard (Horizon) "'can_set_password' ignored in the new launch instance experience" [Medium,In progress] - Assigned to Pascal Boutin (pboutin)	12:45
adriant	mgagne: amusingly enough... I was actually talking about that recently with my boss. It causes us a bit of pain for windows vms.	12:47
mgagne	us too, we had to revert to the legacy launch instance	12:48
adriant	we just get people to setup their windows machines via the web console	12:48
mgagne	Pascal Boutin is no longer working with us so there won't be an update on that change	12:49
mgagne	adriant: not really an option because there is a random admin password generated by Nova that Horizon doesn't show on boot.	12:50
adriant	"As a user, when I launch a new instance, I want to be able to define a password for its default user, so that I can log in to it from the web console."	12:51
adriant	just digging through our UX related backlog	12:51
adriant	we actually would be interested in redoing the entirety of the launch instance workflow... but that's not an easy task and it's too low priority for us	12:52
adriant	huh, this is an interesting one too:	12:53
mgagne	at this point, I just want an admin password field :P	12:53
adriant	As a cloud user, when I request the cloud to generate an SSH key on my behalf, I want to download the private key by default and have an option to copy it, so that on my Windows desktop I don't have a broken key.	12:53
adriant	Acceptance criteria:	12:53
adriant	Download option must be the default	12:53
adriant	The plain text key should be hidden by default	12:53
adriant	If the user clicks on the copy to clipboard action, then the plain text key is shown and the key is copied to the clipboard	12:53
adriant	we kept having issues with the copy/paste action in horizon for generated keys broke when using tools like putty and such on windows	12:54
mgagne	what's a broken key?	12:54
mgagne	oh, right. the key is not in the putty format?	12:54
adriant	extra spaces, tabs, etc, windows was interpreting it weirdly	12:54
adriant	the content was fine if you cleaned it up manually, but something about windows and copy/paste doesn't work	12:55
mgagne	:-/	12:55
*** e0ne has quit IRC		12:55
mgagne	I think our user base still use/prefer passwords although I agree it might not be for the best.	12:56
adriant	we mostly try to disallow it, but... windows VMs that's not an option	12:57
mgagne	so yea, if we could get an admin password field, that would be great ™	12:57
adriant	I'll add a note to our ticket for that so if we do anything related to it, to follow up with you as well.	12:58
mgagne	thanks!	12:58
adriant	I'm not a horizon core dev though, I just happen to be the person from our company who tends to deal with its code the most	12:59
mgagne	we have that feature in our backlog as well, marked as impeded for ~1 year =)	12:59
adriant	for us it's most just soooooo low a priority	12:59
*** cshen has quit IRC		13:01
mgagne	hehe, just found that that you are from catalyst and I think we still have a story in our backlog related to some of your optimizations we need to test.	13:02
adriant	mgagne: to be fair, a lot of those aren't entirely all that helpful. The problem ultimately is just too many API calls. But at least some I'm vaguely tempted to do a little about if I can get https://review.openstack.org/#/c/608801/ merged. Mostly add a little bit of extra caching globally (extension lists), or per project.	13:09
adriant	like for example: https://review.openstack.org/#/c/511095/ nova extensions don't change often, we can cache that once, refresh it every 24hrs, and that's maybe one less API call.	13:10
mgagne	yes, this one was in our list ^	13:11
mgagne	but like you, Horizon optimization is very low on our list, mostly best effort.	13:11
adriant	yep	13:12
adriant	although in recent weeks... the memory leak has become a priority	13:12
mgagne	until I'm annoyed enough that I just take the time to fix it	13:12
adriant	we... have been having to restart horizon 1-2 times a day, and carefully because of that logout bug	13:13
adriant	we used to just let uwsgi handle it, but we started getting too many users so it restarted workers too often and oddly logged out people	13:13
mgagne	:-/	13:14
adriant	Horizon shouldn't really eat 4gb of memory per host when it's only running 4 uwsgi workers	13:16
mgagne	¯\_(ツ)_/¯	13:16
adriant	exactly	13:16
*** belmoreira has joined #openstack-horizon		13:17
adriant	anyway, off to sleep. Can you test that my changes still solve the logout issue for you?	13:19
adriant	and I'll do the same tomorrow with my gunicorn setup	13:20
mgagne	I can test and report in the change.	13:22
adriant	mgagne: ty! I'm looking forward to seeing it merged, and backported to our current horizon package	13:22
mgagne	+1	13:22
adriant	well, cherrypicked to our internal repo	13:22
*** cshen has joined #openstack-horizon		13:24
mgagne	small nit for django 1.11, commented in change	13:29
*** cshen has quit IRC		13:29
*** tolisbar has joined #openstack-horizon		13:34
*** lblanchard has joined #openstack-horizon		13:36
*** cshen has joined #openstack-horizon		13:40
*** e0ne has joined #openstack-horizon		13:40
*** ChanServ sets mode: +o e0ne		13:40
tolisbar	hello all. I've deployed openstack rocky through ansible-kolla 7.0.0 with internal/external networking, and the network_interface, neutron_external_interface, and kolla_external_vip_interface defined in the invenrory. My globals is this(https://pastebin.com/HicQXYaC). When I try to access horizon I get redirected to /horizon/auth/login/?next=/ which is a 404. My horizon.lon and horizon-access.log	13:44
tolisbar	are here(https://pastebin.com/u9E8hLF0) and here(https://pastebin.com/AN4rM9N6). Any idea what might be causing this ?	13:44
*** Leo_m has quit IRC		13:44
*** cshen has quit IRC		13:48
*** e0ne_ has joined #openstack-horizon		14:09
*** ChanServ sets mode: +o e0ne_		14:09
*** e0ne has quit IRC		14:10
*** Leo_m has joined #openstack-horizon		14:31
*** btully has joined #openstack-horizon		14:31
*** Leo_m has quit IRC		14:31
*** Leo_m has joined #openstack-horizon		14:32
*** cshen has joined #openstack-horizon		14:33
*** btully has quit IRC		14:36
*** mvkr has quit IRC		14:40
*** mvkr has joined #openstack-horizon		15:11
*** kukacz has quit IRC		15:12
*** itlinux has quit IRC		15:13
*** kukacz has joined #openstack-horizon		15:19
*** gyee has joined #openstack-horizon		15:33
*** e0ne_ has quit IRC		15:34
*** e0ne has joined #openstack-horizon		15:34
*** ChanServ sets mode: +o e0ne		15:34
*** belmoreira has quit IRC		16:11
*** jpich has quit IRC		16:13
*** dnguyen has joined #openstack-horizon		16:13
*** itlinux has joined #openstack-horizon		16:13
*** dnguyen has quit IRC		16:18
*** ircuser-1 has joined #openstack-horizon		16:20
*** cshen has quit IRC		16:25
*** e0ne has quit IRC		16:26
*** cshen has joined #openstack-horizon		16:41
*** cshen has quit IRC		16:47
*** cshen has joined #openstack-horizon		16:51
*** cshen has quit IRC		16:56
*** belmoreira has joined #openstack-horizon		17:02
*** belmoreira has quit IRC		17:19
*** belmoreira has joined #openstack-horizon		17:20
*** e0ne has joined #openstack-horizon		17:31
*** ChanServ sets mode: +o e0ne		17:31
*** tolisbar has quit IRC		17:37
*** jpich has joined #openstack-horizon		17:38
*** e0ne has quit IRC		17:47
*** cshen has joined #openstack-horizon		17:48
*** e0ne has joined #openstack-horizon		17:59
*** ChanServ sets mode: +o e0ne		17:59
*** e0ne has quit IRC		18:02
*** e0ne has joined #openstack-horizon		18:05
*** ChanServ sets mode: +o e0ne		18:05
*** e0ne has quit IRC		18:07
*** btully has joined #openstack-horizon		18:08
*** btully has quit IRC		18:13
*** mvkr has quit IRC		18:47
*** belmoreira has quit IRC		18:48
*** jpich has quit IRC		18:59
*** itlinux has quit IRC		19:01
*** pcaruana has quit IRC		19:05
*** belmoreira has joined #openstack-horizon		19:32
*** itlinux has joined #openstack-horizon		19:39
*** mvkr has joined #openstack-horizon		19:51
openstackgerrit	Andrew Bogott proposed openstack/horizon master: Server overview: display hypervisor name if available https://review.openstack.org/614328	19:54
*** cshen has quit IRC		19:57
*** btully has joined #openstack-horizon		19:58
*** btully has quit IRC		20:02
*** cshen has joined #openstack-horizon		20:09
*** e0ne has joined #openstack-horizon		20:11
*** ChanServ sets mode: +o e0ne		20:11
*** belmoreira has quit IRC		20:12
*** itlinux has quit IRC		20:14
*** itlinux has joined #openstack-horizon		20:14
*** e0ne has quit IRC		20:28
*** dave-mccowan has quit IRC		20:32
*** belmoreira has joined #openstack-horizon		20:35
*** belmoreira has quit IRC		20:35
*** rdopiera has quit IRC		20:50
*** lblanchard has quit IRC		20:53
*** btully has joined #openstack-horizon		21:46
*** btully has quit IRC		21:51
openstackgerrit	Adrian Turjak proposed openstack/horizon master: Fix django.contrib.auth.middleware monkey patching https://review.openstack.org/614673	21:53
adriant	mgagne: ^ see if that works for you	22:14
mgagne	adriant: I didn't get any error after adding the optional parameter to constructor. So I suspect middleware doesn't need to be a callable in Django 1.11.	22:15
mgagne	let me test	22:16
mgagne	to make sure	22:16
*** threestrands has joined #openstack-horizon		22:17
mgagne	no issue on my side	22:17
mgagne	adriant: ^	22:18
adriant	cool, just backporting it to my horizon to test	22:20
adriant	sweet, seems to work	22:28
*** Leo_m has quit IRC		22:36
*** cshen has quit IRC		22:56
*** lblanchard has joined #openstack-horizon		22:58
*** mvkr has quit IRC		23:22
*** mvkr has joined #openstack-horizon		23:23
*** btully has joined #openstack-horizon		23:35
*** btully has quit IRC		23:39
*** gyee has quit IRC		23:58

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!