I try to use supervisor to monitor vtune-backend to keep it running on the server, but I have tried many times, and every time I open the web page after launching it, the page prompts me to use the --reset-passphrase option parameter. But when I do not use supervisor to monitor vtune-backend, this prompt is not used on the web page, and I can enter normally. And I tried many parameters in vtune-backend -h, but there is no solution to this. Can this support the use of supervisor to monitor so that it always runs on the back-end server? If so, what parameters need to be added to solve the problem of not letting it prompt the url generated by the reset password option parameter on the web page to access.
vtune-backend --web-port=9000 --allow-remote-ui --enable-server-profiling
I have solved the above problem temporarily, but then a new problem appeared, and the browser reported an error 401 unauthorized. I found a configuration file. I probably already know the content, but didn't give a detailed explanation about the specific values of the parameters that can be modified.
In addition, I saw this document on the official website. I solved my previous problem according to the first Passphrase Authentication above, but the problem that followed did not find a relevant solution in this document.
The 401 error is expected. This is the first request to the server and 401 error triggers the authentication flow. Do you observe any issues on the web page itself?
Also, please describe how have you fixed the supervisor issue.
I modified the authentication in the /opt/intel/oneapi/vtune/2021.5.0/backend/config.yml file
Solved my initial problem, but the 401 problem appeared later, which caused me not to know how to solve it
@Stas-Neverov-Intel thank you very much
Suddenly, I understand that the 401 problem is not actually a problem. Because When I tried to start vtune-backend in a normal way, I use F12 on the browser to see，The 401 problem will also occur when logging in normally. which made me understand that the current 401 problem is not a problem. But the js and css requested in the page, the request was successful but could not be loaded, which made me very depressed, and the background log did not display any error messages.、
@liu_wei67, yes, a single http 401 is expected.
The type of authentication you've entered in the config file is not valid. You could try "type: anonymous" to see if it helps, but it's not secure and anyone on your local network could execute arbitrary code via the VTune server since you've also enabled --enable-server-profiling.
So we need to fix the authentication "type: passphrase" to keep it secure. Check that you use either Chrome or Firefox and clear cookies for VTune web site (F12 in Chrome, Application tab, Storage/Cookies section, right-click VTune URL and choose Clear command). After clearing cookies and opening VTune web page you should see a prompt to enter the passphrase. If you do not remember your passphrase then run the VTune server with --reset-passphrase once. And open the URL that it will print. The URL will contain a one-time-token query string parameter. Make sure to open this exact URL and VTune will let you set the new passphrase.
Please try that and describe your detailed steps if you still observe any issues.
Thank you very much for solving the problem for me
After I used the solution you gave, I can log in successfully and the content is displayed, but the more cumbersome thing is that when I log in for the first time or in the case of subsequent browser cookies being cleared, I need to log in the background log Check the generated URL information with token so that I can use it to log in in the browser and enter the password. However, my initial idea is to make it more automated, because I use supervisor to manage it, like I only need to log in i can access it by typing ip:port in the browser, even if I enter the password once.
>>> shell file
vtune-backend --web-port=9000 --allow-remote-ui --reset-passphrase --enable-server-profiling --data-directory=/root/intel/vtune/projects/
I added an option --reset-passphrase to the original shell script.
type: passphrase # I changed it back to the original value
type: anonymous # Opened the comment of this key-value pair
You can manually run "vtune-backend --reset-passphrase" once and set the passphrase. VTune will persist the hash of the passphrase. Then you can configure supervisor to run vtune-backend without --reset-passphrase. It will use the persisted hash of the passphrase. As long as you remember the passphrase you can access VTune GUI in the browser even if you clear cookies. You would just need to enter the same passphrase when prompted.
Sorry, I didn’t understand what you said you can set your own passphrase, because I tried vtune-backend --reset-passphrase mypassword, but it didn’t work, because after I cleared the cookie on the browser, I asked me when I visited Enter the password. I entered the password I set before, but the result is wrong. However, the password is still the password of my back-end server, so I don’t quite understand the problem of setting the passphrase by myself. It is the parameter value I set Is it wrong?
>>> vtune-backend --reset-passphrase xXDD123
No TLS certificate was provided as a --tls-certificate command-line argument thus a self-signed certificate is generated to enable secure HTTPS transport for the web server: /root/.intel/amplxe/settings/certificates/middleware.crt.
Serving GUI at https://127.0.0.1:45509?one-time-token=edc97ce96294744f4ed77f8abc878bac
warn: Server access is limited to localhost only. To enable remote access restart with --allow-remote-ui.
>>> vtune-backend --web-port=9000 --allow-remote-ui --enable-server-profiling
>>> https://ip:9000 # web url
I entered the password I set，The result is wrong
--reset-passphrase command-line argument is a flag, and you should not type passphrase value after this argument. Instead when you add --reset-passphrase then VTune will add a one-time-token to the URL, e.g. https://127.0.0.1:45509?one-time-token=edc97ce96294744f4ed77f8abc878bac. To reset the passphrase you need to open this URL and enter the new passphrase in the browser.
So I suggest the following:
- Run "vtune-backend --web-port=9000 --reset-passphrase" manually. Open the URL that it prints and set the passphrase. Stop the vtune-backend. You need to do this only once.
- Configure supervisor to run "vtune-backend --web-port=9000". Do NOT include --reset-passphrase argument. Open URL without one-time-token (you can find it the supervisor logs, or you could simply remove the "?one-time-token=..." from the URL printed at step 1, or you could keep the web page open after step 1 - it will automatically connect to the new instance of the vtune-backend).
- If you are prompted to enter a passphrase then simply use the same passphrase entered in step 1.
I hope this is more clear now.
As there was no reply on the request if the question was answered, I consider it's resolved and close the issue. However, please feel free discussing this topic further in the forum thread if needed.