Handle DiscoveryFailure errors

DiscoveryFailures can happen for a variety of reasons, ranging
from service misconfiguration to a keystone outage to a transient
network failure. If we don't catch and handle the failure here,
it will almost certainly cause something further up the WSGI stack
to send a 500 Internal Error (and likely log a traceback).

A log line like

    Unable to validate token: Could not find versioned identity
    endpoints when attempting to authenticate. Please check that
    your auth_url is correct. Unable to establish connection to
    http://keystone:35357: HTTPConnectionPool(host='keystone',
    port=35357): Max retries exceeded with url: / (Caused by
    NewConnectionError('<urllib3.connection.HTTPConnection
    object at 0x7fc53e22e050>: Failed to establish a new
    connection: [Errno 111] ECONNREFUSED',))

should be plenty enough for an operator to assess the situation;
I don't need a 29-frame traceback.

Change-Id: I946388c09b2ca0230d2cef009c679a7ac7c8398f
This commit is contained in:
Tim Burke 2018-06-13 12:36:21 -07:00 committed by Tim Burke
parent d1b7a1f092
commit 86904543eb
2 changed files with 12 additions and 0 deletions

View File

@ -763,6 +763,7 @@ class AuthProtocol(BaseAuthProtocol):
self._token_cache.set(token_hashes[0], data)
except (ksa_exceptions.ConnectFailure,
ksa_exceptions.DiscoveryFailure,
ksa_exceptions.RequestTimeout,
ksm_exceptions.RevocationListError,
ksm_exceptions.ServiceError) as e:

View File

@ -1070,6 +1070,17 @@ class CommonAuthTokenMiddlewareTest(object):
self.assertIsNone(self._get_cached_token(ERROR_TOKEN))
self.assert_valid_last_url(ERROR_TOKEN)
def test_discovery_failure(self):
def discovery_failure_response(request, context):
raise ksa_exceptions.DiscoveryFailure(
"Could not determine a suitable URL for the plugin")
self.requests_mock.get(BASE_URI, text=discovery_failure_response)
self.call_middleware(headers={'X-Auth-Token': 'token'},
expected_status=503)
self.assertIsNone(self._get_cached_token('token'))
self.assertEqual(BASE_URI, self.requests_mock.last_request.url)
def test_http_request_max_retries(self):
times_retry = 10
body_string = 'The Keystone service is temporarily unavailable.'