https://admin.fedoraproject.org/accounts/yubikey/ Test Auth fails and result in 500
The problem is that the fas pod (running the web interface) tries to query the yubikey pod and gets a connection refused from it.
cherrypy.msg INFO HTTP: Page handler: <bound method YubikeyPlugin.self_test of <fas_yubikey.YubikeyPlugin object at 0x3744250>> Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/CherryPy-2.3.0-py2.6.egg/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.6/site-packages/CherryPy-2.3.0-py2.6.egg/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "<string>", line 3, in self_test File "/usr/lib/python2.6/site-packages/turbogears/controllers.py", line 361, in expose *args, **kw) File "<generated code>", line 0, in run_with_transaction File "/usr/lib/python2.6/site-packages/peak/rules/core.py", line 153, in __call__ return self.body(*args, **kw) File "/usr/lib/python2.6/site-packages/turbogears/database.py", line 458, in sa_rwt retval = func(*args, **kw) File "/usr/lib/python2.6/site-packages/turbogears/controllers.py", line 244, in _expose @abstract() File "<generated code>", line 0, in _expose File "/usr/lib/python2.6/site-packages/peak/rules/core.py", line 153, in __call__ return self.body(*args, **kw) File "/usr/lib/python2.6/site-packages/turbogears/controllers.py", line 390, in <lambda> fragment, options, args, kw))) File "/usr/lib/python2.6/site-packages/turbogears/controllers.py", line 425, in _execute_func output = errorhandling.try_call(func, *args, **kw) File "/usr/lib/python2.6/site-packages/turbogears/errorhandling.py", line 77, in try_call return func(self, *args, **kw) File "/usr/lib/python2.6/site-packages/fas_yubikey/__init__.py", line 302, in self_test otp_verify(uid, otp) File "/usr/lib/python2.6/site-packages/fas_yubikey/__init__.py", line 126, in otp_verify fh = urllib2.urlopen(server_url) File "/usr/lib64/python2.6/urllib2.py", line 126, in urlopen return _opener.open(url, data, timeout) File "/usr/lib64/python2.6/urllib2.py", line 391, in open response = self._open(req, data) File "/usr/lib64/python2.6/urllib2.py", line 409, in _open '_open', req) File "/usr/lib64/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/lib64/python2.6/urllib2.py", line 1190, in http_open return self.do_open(httplib.HTTPConnection, req) File "/usr/lib64/python2.6/urllib2.py", line 1165, in do_open raise URLError(err) URLError: <urlopen error [Errno 111] Connection refused>
I was thinking it might be a resolution issue, but I changed it from http://yubikey:8080/ to http://yubikey.fas.svc.cluster.local:8080/ (which resolves fine on the nodes) and it still failed. So, there's something deeper in inter pod communication here.
Metadata Update from @kevin: - Issue priority set to: Waiting on Assignee (was: Needs Review)
ok. I think I have fixed this in staging
Can you please try there and confirm it's fixed?
@sumantrom have you had a chance to test in staging?
Let's close and reopen if this is not fixed.
Metadata Update from @cverna: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
I actually only fixed it in staging. ;) But I guess until someone confirms it works there, I will just wait and we can keep this closed.
Login to comment on this ticket.