1190059 – Navigating 'All containers' menu after creating a internal docker compute resource with unix:///var/run/docker.sock raises: 500 ISE

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1190059 - Navigating 'All containers' menu after creating a internal docker compute resource with unix:///var/run/docker.sock raises: 500 ISE

Summary: Navigating 'All containers' menu after creating a internal docker compute res...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	WebUI
Sub Component:
Version:	Unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	Unspecified
Assignee:	Daniel Lobato Garcia
QA Contact:	Og Maciel
Docs Contact:
URL:	http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:	1190289
TreeView+	depends on / blocked

Reported:	2015-02-06 08:34 UTC by Sachin Ghai
Modified:	2017-02-23 20:35 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1192614 (view as bug list)
Environment:
Last Closed:	2015-08-12 13:59:34 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Firebug raises internal server error on navigating 'All containers' (60.07 KB, image/png) 2015-02-06 08:34 UTC, Sachin Ghai	no flags	Details
No longer getting a 500 and error page. (46.92 KB, image/png) 2015-03-26 15:48 UTC, Og Maciel	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	9275	0	Normal	Closed	Navigating 'All containers' menu after creating a internal docker compute resource with unix:///var/run/docker.sock rais...	2020-07-30 04:20:28 UTC

Description Sachin Ghai 2015-02-06 08:34:47 UTC

Created attachment 988767 [details]
Firebug raises internal server error on navigating 'All containers'

Description of problem:
I created a internal docker compute resource by specifying "unix:///var/run/docker.sock" in the URl.

then I navigate to 'All containers' and UI raises error:

--
Oops, we're sorry but something went wrong
No such file or directory - connect(2) (Errno::ENOENT)
--


error in production.log:
==========================

Processing by ContainersController#index as HTML
String does not start with the prefix 'encrypted-', so ForemanDocker::Docker test was not decrypted
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/foreman_docker-1.0.1/app/views/containers/_list.html.erb (429.6ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/foreman_docker-1.0.1/app/views/containers/index.html.erb within layouts/application (454.3ms)
Operation FAILED: No such file or directory - connect(2) (Errno::ENOENT)
  Rendered common/500.html.erb within layouts/application (100.6ms)
  Rendered layouts/base.html.erb (2.8ms)
Completed 500 Internal Server Error in 1567ms (Views: 483.2ms | ActiveRecord: 1.2ms)

firebug raises error:
======================
"NetworkError: 500 Internal Server Error - https://hp-ml370g5-01.rhts.eng.bos.redhat.com/containers"



Version-Release number of selected component (if applicable):
* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.9.41-1.el6.noarch
* candlepin-common-1.0.20-1.el6.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.9.41-1.el6.noarch
* candlepin-tomcat6-0.9.41-1.el6.noarch
* elasticsearch-0.90.10-7.el6.noarch
* foreman-1.7.2.3-1.el6_6sat.noarch
* foreman-compute-1.7.2.3-1.el6_6sat.noarch
* foreman-gce-1.7.2.3-1.el6_6sat.noarch
* foreman-libvirt-1.7.2.3-1.el6_6sat.noarch
* foreman-ovirt-1.7.2.3-1.el6_6sat.noarch
* foreman-postgresql-1.7.2.3-1.el6_6sat.noarch
* foreman-proxy-1.7.2.1-1.el6_6sat.noarch
* foreman-selinux-1.7.2.8-1.el6_6sat.noarch
* foreman-vmware-1.7.2.3-1.el6_6sat.noarch
* katello-2.2.0.2-1.el6_6sat.noarch
* katello-certs-tools-2.2.1-1.el6_6sat.noarch
* katello-common-2.2.0.2-1.el6_6sat.noarch
* katello-default-ca-1.0-1.noarch
* katello-installer-2.2.0.3-1.el6_6sat.noarch
* katello-installer-base-2.2.0.3-1.el6_6sat.noarch
* katello-server-ca-1.0-1.noarch
* openldap-2.4.39-8.el6.x86_64
* openldap-devel-2.4.39-8.el6.x86_64
* pulp-docker-plugins-0.2.1-0.2.beta.el6_6sat.noarch
* pulp-katello-0.3-4.el6sat.noarch
* pulp-nodes-common-2.5.0-0.7.beta.el6_6sat.noarch
* pulp-nodes-parent-2.5.0-0.7.beta.el6_6sat.noarch
* pulp-puppet-plugins-2.5.0-0.7.beta.el6sat.noarch
* pulp-puppet-tools-2.5.0-0.7.beta.el6sat.noarch
* pulp-rpm-plugins-2.5.0-0.7.beta.el6_6sat.noarch
* pulp-selinux-2.5.0-0.7.beta.el6_6sat.noarch
* pulp-server-2.5.0-0.7.beta.el6_6sat.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-ldap_fluff-0.3.2-1.el6_6sat.noarch
* ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch
* ruby193-rubygem-runcible-1.3.0-1.el6_6sat.noarch
* rubygem-hammer_cli-0.1.4.3-1.el6_6sat.noarch
* rubygem-hammer_cli_foreman-0.1.4.3-1.el6_6sat.noarch
* rubygem-hammer_cli_foreman_bootdisk-0.1.2.4-1.el6_6sat.noarch
* rubygem-hammer_cli_foreman_tasks-0.0.3.1-1.el6_6sat.noarch
* rubygem-hammer_cli_gutterball-0.0.1.1-1.el6_6sat.noarch
* rubygem-hammer_cli_import-0.10.6-1.el6sat.noarch
* rubygem-hammer_cli_katello-0.0.7.1-1.el6_6sat.noarch

How reproducible:
always

Steps to Reproduce:
1. create a internal docker compute-resource with url:
"unix:///var/run/docker.sock" in the URl.
2. Go to containers --> 'All containers'


Actual results:
"NetworkError: 500 Internal Server Error - https://hp-ml370g5-01.rhts.eng.bos.redhat.com/containers"

Expected results:
I should be able to navigate 'All Containers'

Additional info:

Comment 2 jaudet 2015-02-06 17:18:01 UTC

I can also trigger this error by doing the following:

1. Create a compute resource with the following attributes:

    name: some-compute-resource
    provider: Docker
    url: https://localhost:4243

2. Navigate to Containers > All Containers

Here's the stack trace I get:

    String does not start with the prefix 'encrypted-', so ForemanDocker::Docker some-compute-resource was not decrypted
      Rendered /opt/rh/ruby193/root/usr/share/gems/gems/foreman_docker-1.0.1/app/views/containers/_list.html.erb (71.5ms)
      Rendered /opt/rh/ruby193/root/usr/share/gems/gems/foreman_docker-1.0.1/app/views/containers/index.html.erb within layouts/application (646.0ms)
    Operation FAILED: Permission denied - connect(2) (Errno::EACCES)
      Rendered common/500.html.erb within layouts/application (241.4ms)
      Rendered layouts/base.html.erb (1.7ms)
    Completed 500 Internal Server Error in 1287ms (Views: 273.7ms | ActiveRecord: 1.2ms)

Comment 3 Daniel Lobato Garcia 2015-02-06 21:42:50 UTC

Created redmine issue http://projects.theforeman.org/issues/9275 from this bug

Comment 4 Partha Aji 2015-02-06 22:49:54 UTC

Need info - 
1) Was docker running - service docker status OR "docker images" actually showing up ok and not showing errors on the host  
2) What was in your /etc/sysconfig/docker
OPTIONS=--selinux-enabled -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock  ???
3) Its probably a documentation thing, but you need that -H tcp://0.0.0.0:2375  if you want to use https://localhost:4243

Comment 5 Partha Aji 2015-02-06 22:51:31 UTC

Correction you need that "-H tcp://0.0.0.0:4243"  if you want to use https://localhost:4243

Comment 7 Partha Aji 2015-02-06 23:01:42 UTC

Curious about the setup. Are you running docker on the same machine as the satellite. If so you probably need to add docker group to foreman user if you want to use -H unix:///var/run/docker.sock.

Alternatively you can add 
OPTIONS=--selinux-enabled -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
in /etc/sysconfig/docker

and create a compute resource with https://localhost:2375

Comment 9 David Davis 2015-02-07 14:33:08 UTC

(In reply to Partha Aji from comment #7)
> If so you probably need to add docker group to foreman user if
> you want to use -H unix:///var/run/docker.sock.

IIRC, this is the problem I had.

Comment 10 Elyézer Rezende 2015-02-07 14:44:20 UTC

We use automation-tools to setup docker on every Satellite installation. In [1] you can find the complete task which setups Docker. The relevant part is that we add the following options to the daemon `--selinux-enabled=true --host tcp://0.0.0.0:2375 --host unix:///var/run/docker.sock`. But we don't add docker group to foreman user.

I think Satellite could be smart enough to check if it can connect to a unix:///var/run/docker.sock socket and provide better feedback if it can't. When I tested, test connection does not say anything when I use the unix socket path.

[1] https://github.com/SatelliteQE/automation-tools/blob/master/automation_tools/__init__.py#L226-L280

Comment 11 David Davis 2015-02-07 18:26:13 UTC

+1 to better errors. The whole compute resource stuff is hard to use because of bad error/success reporting when setting up and editing a compute resource.

Comment 12 Partha Aji 2015-02-12 22:04:32 UTC

Should be fixed when -> https://github.com/theforeman/foreman-docker/pull/83 gets merged

Comment 13 Bryan Kearney 2015-03-19 16:04:39 UTC

Moving to POST since upstream bug http://projects.theforeman.org/issues/9275 has been closed

Comment 14 Partha Aji 2015-03-24 22:55:59 UTC

Should be fixed with https://github.com/theforeman/foreman-docker/pull/85 .. You will see an error message now saying "cant connect" but wont result in an ISE.

Comment 15 Og Maciel 2015-03-26 15:48:34 UTC

Created attachment 1006870 [details]
No longer getting a 500 and error page.

The fix is: even though you can create a docker-based compute resource with incorrect URL value, Satellite will no longer ISE. Instead, the user will see an error message next to the compute resource.

Comment 16 Og Maciel 2015-03-26 15:51:34 UTC

Verified by QE (see comment #15 above) using Satellite-6.1.0-RHEL-7-20150324.0 build.

Comment 17 Bryan Kearney 2015-08-11 13:24:55 UTC

This bug is slated to be released with Satellite 6.1.

Comment 18 Bryan Kearney 2015-08-12 13:59:34 UTC

This bug was fixed in version 6.1.1 of Satellite which was released on 12 August, 2015.

Note You need to log in before you can comment on or make changes to this bug.