You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "t oo (JIRA)" <ji...@apache.org> on 2019/05/14 19:28:00 UTC
[jira] [Comment Edited] (AIRFLOW-4351) [UI] login - ldap connection
retries
[ https://issues.apache.org/jira/browse/AIRFLOW-4351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16839602#comment-16839602 ]
t oo edited comment on AIRFLOW-4351 at 5/14/19 7:27 PM:
--------------------------------------------------------
Seems to occur just after refreshing a dag.py definition OR just starting airflow OR restarting gunicorn workers+schedulers. My settings are:
worker_precheck = False
web_server_worker_timeout = 120
worker_refresh_batch_size = 1
worker_refresh_interval = 600
workers = 15
worker_class = gevent
worker_concurrency = 16
worker_log_server_port = 8793
worker_container_repository =
worker_container_tag =
worker_container_image_pull_policy = IfNotPresent
delete_worker_pods = True
worker_pods_creation_batch_size = 1
worker_service_account_name =
worker_refresh_interval = 600
min_file_process_interval = 45
dag_dir_list_interval = 300
print_stats_interval = 30
was (Author: toopt4):
Seems to be occur just after refreshing a dag.py definition. My settings are:
worker_precheck = False
web_server_worker_timeout = 120
worker_refresh_batch_size = 1
worker_refresh_interval = 600
workers = 15
worker_class = gevent
worker_concurrency = 16
worker_log_server_port = 8793
worker_container_repository =
worker_container_tag =
worker_container_image_pull_policy = IfNotPresent
delete_worker_pods = True
worker_pods_creation_batch_size = 1
worker_service_account_name =
worker_refresh_interval = 600
min_file_process_interval = 45
dag_dir_list_interval = 300
print_stats_interval = 30
> [UI] login - ldap connection retries
> ------------------------------------
>
> Key: AIRFLOW-4351
> URL: https://issues.apache.org/jira/browse/AIRFLOW-4351
> Project: Apache Airflow
> Issue Type: Improvement
> Components: ui
> Affects Versions: 1.10.3
> Reporter: t oo
> Priority: Minor
>
> Ideally the connection to ldap should retry (2 to 3 times maybe with half second interval) in the background otherwise the user sees big mushroom cloud when there could just be temporary network blip
> [https://github.com/apache/airflow/blob/master/airflow/contrib/auth/backends/ldap_auth.py]
> |if not conn.bind():|
> | |log.error("Cannot bind to ldap server: %s ", conn.last_error)|
> | |raise AuthenticationError("Cannot bind to ldap server")|
> | |
>
> Traceback (most recent call last):
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask/app.py", line 2292, in wsgi_app
> response = self.full_dispatch_request()
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask/app.py", line 1815, in full_dispatch_request
> rv = self.handle_user_exception(e)
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask/app.py", line 1718, in handle_user_exception
> reraise(exc_type, exc_value, tb)
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask/app.py", line 1813, in full_dispatch_request
> rv = self.dispatch_request()
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask/app.py", line 1799, in dispatch_request
> return self.view_functions[rule.endpoint](**req.view_args)
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask_admin/base.py", line 69, in inner
> return self._run_view(f, *args, **kwargs)
> File "/home/ec2-user/venv/local/lib64/python2.7/site-packages/flask_admin/base.py", line 368, in _run_view
> return fn(self, *args, **kwargs)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/airflow/www/views.py", line 731, in login
> return airflow.login.login(self, request)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/airflow/utils/db.py", line 73, in wrapper
> return func(*args, **kwargs)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 308, in login
> LdapUser.try_login(username, password)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 232, in try_login
> conn = get_ldap_connection(entry['dn'], password)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 80, in get_ldap_connection
> if not conn.bind():
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/ldap3/core/connection.py", line 548, in bind
> response = self.post_send_single_response(self.send('bindRequest', request, controls))
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/ldap3/strategy/sync.py", line 121, in post_send_single_response
> responses, result = self.get_response(message_id)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/ldap3/strategy/base.py", line 325, in get_response
> responses = self._get_response(message_id)
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/ldap3/strategy/sync.py", line 157, in _get_response
> responses = self.receiving()
> File "/home/ec2-user/venv/local/lib/python2.7/site-packages/ldap3/strategy/sync.py", line 92, in receiving
> raise communication_exception_factory(LDAPSocketReceiveError, type(e)(str(e)))(self.connection.last_error)
> LDAPSocketReceiveError: error receiving data: [Errno 104] Connection reset by peer
>
>
>
> Also got this intermittently:
>
> {ldap_auth.py:81} ERROR - Cannot bind to ldap server: invalidCredentials
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)