[GitHub] [cloudstack-primate] wido edited a comment on pull request #898: Add multiple management server support

Wed, 13 Jan 2021 05:23:13 -0800 


wido edited a comment on pull request #898:
URL: 
https://github.com/apache/cloudstack-primate/pull/898#issuecomment-759444072


   I tried this with two management servers from the PCextreme cloud.
   
   <pre>
   server {
       listen       80;
       server_name  localhost;
       location / {
           root   /usr/share/nginx/html;
           index  index.html;
       }
       location /api/ams {
           # http://127.0.0.1:8080 should be replaced your CloudStack management
           # Server's actual URI
           proxy_pass   https://api.XXXXX.eu/ams3;
       }
       location /api/haa {
           # http://127.0.0.1:8080 should be replaced your CloudStack management
           # Server's actual URI
           proxy_pass   https://api.XXXXX.eu/zone01_haa01;
       }
   }
   </pre>
   
   <pre>
   {
     "servers": [
       {
         "name": "Amsterdam",
         "apiBase": "/api/ams"
       },
       {
         "name": "Haarlem",
         "apiBase": "/api/haa"
       }
     ],
   </pre>
   
   I see the requests go to the proper Management server, but my Firefox 
console complains that *sessionkey* cookie expires right away.
   
   The calls which I see:
   
   <pre>
   172.17.0.1 - - [13/Jan/2021:13:18:15 +0000] "POST /api/haa/ HTTP/1.1" 200 
323 "http://localhost:8181/"; "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) 
Gecko/20100101 Firefox/84.0" "-"
   172.17.0.1 - - [13/Jan/2021:13:18:15 +0000] "GET 
/api/haa/?listall=true&command=listZones&response=json HTTP/1.1" 401 126 
"http://localhost:8181/"; "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) 
Gecko/20100101 Firefox/84.0" "-"
   172.17.0.1 - - [13/Jan/2021:13:18:15 +0000] "GET 
/api/haa/?username=admin&command=listUsers&response=json HTTP/1.1" 401 126 
"http://localhost:8181/"; "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) 
Gecko/20100101 Firefox/84.0" "-"
   172.17.0.1 - - [13/Jan/2021:13:18:15 +0000] "GET 
/api/haa/?command=listApis&response=json HTTP/1.1" 401 125 
"http://localhost:8181/"; "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) 
Gecko/20100101 Firefox/84.0" "-"
   </pre>
   
   So some calls work, but others get back a *401 Unauthorized*. Still unclear 
to me what is breaking it here.
   
   Both API endpoints and up at the management servers:
   
   <pre>
   wido@wido-laptop:~$ curl -I http://localhost:8181/api/ams
   HTTP/1.1 401 Unauthorized
   Server: nginx/1.19.6
   Date: Wed, 13 Jan 2021 13:22:08 GMT
   Content-Type: text/xml;charset=utf-8
   Content-Length: 211
   Connection: keep-alive
   X-Content-Type-Options: nosniff
   X-XSS-Protection: 1;mode=block
   content-security-policy: 1
   content-security-policy: default-src=none
   content-security-policy: script-src=self
   content-security-policy: connect-src=self
   content-security-policy: img-src=self
   content-security-policy: style-src=self
   X-Xss-Protection: 1; mode=block
   
   wido@wido-laptop:~$ curl -I http://localhost:8181/api/haa
   HTTP/1.1 401 Unauthorized
   Server: nginx/1.19.6
   Date: Wed, 13 Jan 2021 13:22:11 GMT
   Content-Type: text/xml;charset=utf-8
   Content-Length: 211
   Connection: keep-alive
   X-Content-Type-Options: nosniff
   X-XSS-Protection: 1;mode=block
   content-security-policy: 1
   content-security-policy: default-src=none
   content-security-policy: script-src=self
   content-security-policy: connect-src=self
   content-security-policy: img-src=self
   content-security-policy: style-src=self
   X-Xss-Protection: 1; mode=block
   X-Xss-Protection: 1; mode=block
   
   wido@wido-laptop:~$ 
   </pre>


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to