CaaS and NF LCM operations fail with a 400 OK error on latest browser versions of Chrome, Edge, and Firefox)
search cancel

CaaS and NF LCM operations fail with a 400 OK error on latest browser versions of Chrome, Edge, and Firefox)

book

Article ID: 367379

calendar_today

Updated On:

Products

VMware Telco Cloud Automation

Issue/Introduction

On the latest browsers versions [Google Chrome 124.x, Microsoft Edge, Firefox 126, Brave, etc.], Telco Cloud Automation (TCA) fails to complete any NF / CaaS LCM operation due to a 400 OK error, similar to the following:

Http failure response for https://x.x.x.x/ets/orgs/default/direct/v271/vnflcm/v2/vnf_instances/y.y.y.y.y/heal: 400 OK

 

Environment

Impacts TCA 2.2, 2.3, 3.0 and 3.1.

This issue is addressed in TCA 3.1.1 by deprecating the priority header in favor of a new x-tca-priority header.

Note:

  • This affects only the TCA-Manager appliance. TCA-CP appliances are not affected.
  • Google Chrome version 123 and below will not exhibit this problem.

Cause

The latest versions of Google Chrome (124), Mozilla Firefox (126) and Microsoft Edge (and others) have begun attaching an HTTP Priority header to all API requests made from the browser, for all websites. This new header conflicts with our Priority header which TCA uses or advanced prioritization operations via the API. The NF / CaaS LCM operations fail due to the unexpected value being received in the header of the API call.

Resolution

VMware Telco Cloud Automation 2.2 and 2.3 environments

Perform the following steps on every VMware Telco Cloud Automation – Manager appliance (versions 2.2 or 2.3).

  1. SSH to the TCA-Manager appliance via admin user.
  2. Switch to root user by running the command: su
  3. Edit the file /opt/vmware/config/apache-httpd/hcx-virtual-hosts.conf
    vi /opt/vmware/config/apache-httpd/hcx-virtual-hosts.conf
  4. Add the following line within the VirtualHost section (ensure indentation is correctly maintained):
    RequestHeader unset Priority
  5. Restart the apache-httpd service
    systemctl restart apache-httpd
  6. You can now perform operations on VMware Telco Cloud Automation as usual.

    NOTE: The Advanced Prioritization request via APIs will no longer be honored after this change

VMware Telco Cloud Automation 3.0 or 3.1 environments

  1. SSH into the TCA-Manager appliance using the admin user.
  2. Copy the following command to apply the patch configuration. (Or you can download, copy, and paste the contents of the TCA-3x-400Error-367379_Patch.txt attachment)
    kubectl apply -f - <<EOF
    apiVersion: networking.istio.io/v1alpha3
    kind: EnvoyFilter
    metadata:
      name: tca-priority-header-fix
      namespace: tca-mgr
    spec:
      configPatches:
      - applyTo: HTTP_FILTER
        match:
          context: GATEWAY
          listener:
            filterChain:
              filter:
                name: envoy.filters.network.http_connection_manager
                subFilter:
                  name: envoy.filters.http.router
        patch:
          operation: INSERT_BEFORE
          value:
            name: envoy.lua
            typed_config:
              '@type': type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua
              inlineCode: |
                function envoy_on_request(request_handle)
                    local priorityHeader = request_handle:headers():get("Priority")
                    if not (priorityHeader == nil) and priorityHeader:find("%D")  then
                       request_handle:headers():remove("Priority")
                    end
                end
    EOF
  3. Proceed to continue working on any NF / CaaS LCM operations. 

Attachments

TCA-3x-400Error-367379_Patch.txt get_app