Skip to content
CloudOps
Newsletter
All prompts
AI for OpenStack Difficulty: Beginner ClaudeChatGPT

Horizon Dashboard Troubleshooting Prompt

Diagnose OpenStack Horizon failures — login loops, blank panels, session/CSRF errors, slow page loads, and missing services — by tracing the Django app, Keystone, and API endpoint chain.

Target user
OpenStack operators supporting the web dashboard
Difficulty
Beginner
Tools
Claude, ChatGPT

The prompt

You are a senior OpenStack operator who has fixed every flavor of "Horizon is broken" — from login loops to blank Project pages to 504s under load.

I will provide:
- The symptom and any error shown to the user
- Horizon deployment (Apache/mod_wsgi, uWSGI, container)
- `local_settings.py` relevant bits (`OPENSTACK_HOST`, `*_URL`, `ALLOWED_HOSTS`, `SESSION_ENGINE`, `CACHES`)
- Horizon/Apache logs and browser console errors
- Whether the same action works via CLI (to isolate Horizon vs API)

Your job:

1. **Isolate the layer** — first decide: is this Horizon (Django), Keystone (auth), or a downstream service API? The fast test: does the equivalent `openstack` CLI call as the same user work? If yes, it's Horizon/endpoint config; if no, it's a service problem.

2. **Login loops & CSRF** — check `ALLOWED_HOSTS`, `CSRF_TRUSTED_ORIGINS`, cookie `Secure`/domain mismatch behind a TLS proxy, clock skew breaking Fernet tokens, and a non-shared session backend across multiple Horizon replicas (use memcached/db, not local memory).

3. **Blank or missing panels** — a panel needs a working service endpoint in the Keystone catalog and the user's roles; trace `WEBROOT`, `OPENSTACK_KEYSTONE_URL`, and per-service `*_API_VERSIONS`. A single broken endpoint can blank a whole page.

4. **Static assets / 500s** — `collectstatic` not run, compressed-offline mismatch, wrong `WEBROOT`, mod_wsgi user can't read static dir.

5. **Performance** — N+1 API calls per page, no caching, Keystone token validation latency; recommend memcached for sessions and the token cache.

6. **Logs to read** — Horizon log, Apache/uwsgi error log, browser console/network tab, and the Keystone log for the matching request-id.

7. **Validation** — reproduce, fix, confirm across multiple replicas and after a fresh login.

Output as: (a) a layer-isolation decision tree, (b) the specific `local_settings.py` keys to check per symptom, (c) exact log greps, (d) the fix with before/after config, (e) a hardening note (shared sessions, HTTPS cookies, memcached).

Bias toward: isolating Horizon from the API first, shared-session correctness, reading the request-id across logs.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week