Uploaded image for project: 'DC/OS'
  1. DC/OS
  2. DCOS_OSS-4601

Open DC/OS multi master: login fails (authentication token is received, but not valid against all master nodes)


    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Done
    • Affects Version/s: DC/OS 1.13
    • Fix Version/s: DC/OS 1.13.0
    • Component/s: dcos-security
    • Labels:
    • Story Points:


      After creating a DCOS cluster from master with multi-master (3) configuration, it isn't possible to authorize into the cluster (from the UI or CLI).   This is only for open and it is only for multi-master.   The other configurations test fine.

      Here are the steps to reproduce:

      1. create a cluster from CCM using all defaults except switching the "template" to DC/OS Multi Master
      2. Try to log into it
        1. Either click the "Dashboard" link from CCM
        2. or copy the Dashboard link and from the CLI type: dcos cluster setup <url>
      3. This login requires the selection of OAuth type... I selected google which is my standard way (has worked before and works on DC/OS Single Master)
      4. After going through the confirmation steps (or pasting token into CLI)... Nothing happens
        1. On UI it goes back to auth page
        2. on CLI it errors out with the message below


      # cli error message
      Error trying to find cluster id: Your core.dcos_acs_token is invalid. Please run: `dcos auth login`
      Please make sure the provided DC/OS URL is valid: http://ken-uep32-elasticl-1ps2noim16po4-1619969101.us-west-2.elb.amazonaws.com/

      This of course is actually a bad UX... as dcos auth login doesn't work because the url was never recorded by the CLI... it requires dcos cluster setup again which fails.






            • Assignee:
              dominikdary Dominik Dary
              ken Ken Sipe
              Security Team
              Adam Dangoor (Inactive), Arsen Hayrapetyan, Gustav Paul, Jan-Philip Gehrcke, Jonathan Giddy, jongiddy, Ken Sipe, Martin Hrabovcin, Mergebot, Tim Weidner
            • Watchers:
              10 Start watching this issue


              • Created: