Back to bug 2203857
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat One Jira (issues.redhat.com) | 2023-05-15 13:13:45 UTC | Link ID | Red Hat Issue Tracker OSP-25072 | |
| Giulio Fidente | 2023-05-15 13:14:47 UTC | Assignee | gfidente | alfrgarc |
| Keywords | TestOnly, Triaged | |||
| Priority | unspecified | high | ||
| Depends On | 2188266 | |||
| Giulio Fidente | 2023-05-15 13:15:13 UTC | Status | NEW | ASSIGNED |
| Giulio Fidente | 2023-05-15 13:16:13 UTC | Priority | high | urgent |
| Giulio Fidente | 2023-05-15 13:16:27 UTC | Target Milestone | --- | rc |
| RHEL Program Management | 2023-05-15 13:16:34 UTC | Target Release | --- | 17.1 |
| Giulio Fidente | 2023-05-16 08:27:14 UTC | QA Contact | yrabl | alfrgarc |
| Keywords | TestOnly | Documentation | ||
| Assignee | alfrgarc | rhos-docs | ||
| Depends On | 2188266 | |||
| Component | ceph | documentation | ||
| Target Milestone | rc | beta | ||
| Denise Hughes | 2023-05-17 20:50:22 UTC | CC | dhughes | |
| Mikey Ariel | 2023-05-18 13:18:17 UTC | Doc Type | If docs needed, set a value | Known Issue |
| CC | mariel | |||
| Giulio Fidente | 2023-06-09 15:55:00 UTC | Doc Text | Cause: A bug in Ceph Rados Gateway causes authorization of Keystone tokens to fail Consequence: Swift client fails, returning code 403/Unauthorized, when the deployment is configured with Ceph and uses Rados Gateway as object-store Workaround (if any): Deploy Swift, instead of RGW, even when enabling Ceph for persistent (Cinder/Glance) and ephemeral (Nova) storage by replacing use of `cephadm.yaml` environment file with `cephadm-rbd-only.yaml` in the deploy command line Result: The OpenStack environment will be configured with Swift instead of Rados Gateway as object-store server and Swift clients will work |
|
| Giulio Fidente | 2023-06-09 17:09:22 UTC | Link ID | Red Hat Bugzilla 2188266 | |
| Erin Peterson | 2023-06-09 17:57:29 UTC | CC | erpeters | |
| Doc Text | Cause: A bug in Ceph Rados Gateway causes authorization of Keystone tokens to fail Consequence: Swift client fails, returning code 403/Unauthorized, when the deployment is configured with Ceph and uses Rados Gateway as object-store Workaround (if any): Deploy Swift, instead of RGW, even when enabling Ceph for persistent (Cinder/Glance) and ephemeral (Nova) storage by replacing use of `cephadm.yaml` environment file with `cephadm-rbd-only.yaml` in the deploy command line Result: The OpenStack environment will be configured with Swift instead of Rados Gateway as object-store server and Swift clients will work | There is currently a known issue in the Ceph RADOS Gateway that causes authorization of Keystone tokens to fail. As a result, Swift clients fail, returning code *403/Unauthorized*, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. |
||
| Paul Grist | 2023-06-09 19:12:32 UTC | CC | pgrist | |
| Giulio Fidente | 2023-06-12 16:16:32 UTC | Doc Text | There is currently a known issue in the Ceph RADOS Gateway that causes authorization of Keystone tokens to fail. As a result, Swift clients fail, returning code *403/Unauthorized*, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. | There is a known issue in the Ceph RADOS Gateway component in RHCS 6.0 (BZ# https://bugzilla.redhat.com/2188266) that causes authorization of Keystone tokens to fail. As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail returning code *403/Unauthorized*. The issue should not be present when deploying with RHC 6.1. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. |
| James Smith | 2023-06-12 21:02:48 UTC | Doc Text | There is a known issue in the Ceph RADOS Gateway component in RHCS 6.0 (BZ# https://bugzilla.redhat.com/2188266) that causes authorization of Keystone tokens to fail. As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail returning code *403/Unauthorized*. The issue should not be present when deploying with RHC 6.1. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code *403/Unauthorized*. The issue is not present when deploying with RHC 6.1. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. |
| CC | jamsmith | |||
| Paul Grist | 2023-06-13 17:13:52 UTC | Doc Text | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code *403/Unauthorized*. The issue is not present when deploying with RHC 6.1. Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code *403/Unauthorized*. The issue is not present when deploying with RHC 6.1. + Also as a result, OpenShift Integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. |
| James Smith | 2023-06-13 17:42:37 UTC | Flags | needinfo?(pgrist) | |
| Doc Text | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code *403/Unauthorized*. The issue is not present when deploying with RHC 6.1. + Also as a result, OpenShift Integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code `403/Unauthorized`. The issue is not present when deploying with RHC 6.1. + Also as a result, OpenShift Integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. |
||
| Paul Grist | 2023-06-13 17:48:39 UTC | Flags | needinfo?(pgrist) | |
| James Smith | 2023-06-14 03:07:32 UTC | Flags | needinfo?(gfidente) needinfo?(pgrist) | |
| Paul Grist | 2023-06-14 13:42:53 UTC | Flags | needinfo?(pgrist) | |
| Jenny-Anne Lynch | 2023-06-14 15:26:41 UTC | CC | jelynch | |
| Doc Text | A known issue in the Ceph RADOS Gateway component in RHCS 6.0 causes authorization of Keystone tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when the deployment is configured with Ceph and uses RADOS Gateway as the object-store server, Swift clients fail, returning code `403/Unauthorized`. The issue is not present when deploying with RHC 6.1. + Also as a result, OpenShift Integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy Swift as the object-store server, instead of RADOS Gateway, even when enabling Ceph for persistent (Cinder or Glance) and ephemeral (Nova) storage. This is done by replacing the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + Result: The OpenStack environment is configured with Swift instead of RADOS Gateway as the object-store server and Swift clients work as expected. | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue is not present when deploying with RHCS 6.1. + OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. |
||
| Jenny-Anne Lynch | 2023-06-14 15:29:54 UTC | Doc Text | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue is not present when deploying with RHCS 6.1. + OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue is not present when deploying with RHCS 6.1. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. |
| James Smith | 2023-06-15 03:41:48 UTC | Flags | needinfo?(gfidente) needinfo?(pgrist) | |
| Doc Text | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue is not present when deploying with RHCS 6.1. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which will be be released for general availability soon. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. |
||
| James Smith | 2023-06-15 13:38:02 UTC | Doc Text | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization of Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage and use RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which will be be released for general availability soon. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization with Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage using RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which will be be released for general availability soon. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack prior to the release of RHCS 6.1. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. |
| James Smith | 2023-06-15 14:25:05 UTC | Doc Text | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization with Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage using RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which will be be released for general availability soon. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack prior to the release of RHCS 6.1. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization with Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage using RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which was released for general availability on June 15, 2023. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. |
| Lukas Svaty | 2023-06-16 08:13:29 UTC | Target Milestone | beta | ga |
| Paul Grist | 2023-06-20 23:41:03 UTC | Flags | needinfo?(pgrist) | |
| Giulio Fidente | 2023-06-21 11:52:39 UTC | Target Milestone | ga | beta |
| Giulio Fidente | 2023-06-21 12:41:26 UTC | Flags | needinfo?(gfidente) needinfo?(gfidente) | |
| Jenny-Anne Lynch | 2023-07-18 14:15:41 UTC | CC | jelynch | |
| Giulio Fidente | 2023-08-08 13:27:15 UTC | Resolution | --- | CURRENTRELEASE |
| Status | ASSIGNED | CLOSED | ||
| Last Closed | 2023-08-08 13:27:15 UTC | |||
| Jenny-Anne Lynch | 2023-08-16 08:33:51 UTC | Doc Text | Currently, a known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization with Identity service (keystone) tokens to fail. See https://bugzilla.redhat.com/2188266. + As a result, when you configure your deployment with Red Hat Ceph Storage using RADOS Gateway as the object-store server, Object Storage service (swift) clients fail and return code `403/Unauthorized`. The issue did not manifest in tests that deployed pre-release versions of RHCS 6.1, which was released for general availability on June 15, 2023. + Also, OpenShift integration on OpenStack has not been validated for beta because the default configuration uses RADOS Gateway. The following workaround is expected to mitigate the issue and enable you to do preliminary tests with OpenShift integration on OpenStack. + Workaround: Deploy the Object Storage service (swift) as the object-store server instead of RADOS Gateway, even when enabling Ceph Storage for persistent Block Storage service (cinder) or Image service (glance) storage and ephemeral Compute service (nova) storage. To do this, replace the `cephadm.yaml` environment file with the `cephadm-rbd-only.yaml` in the deployment command line. + When you configure the OpenStack environment with the Object Storage service (swift) instead of RADOS Gateway as the object-store server, Object Storage service (swift) clients work as expected. | A known issue in the Ceph RADOS Gateway component in Red Hat Ceph Storage (RHCS) 6.0 causes authorization with Identity service (keystone) tokens to fail. This issue is not manifest in RHCS 6.1, which is supported in RHOSP 17.1. |
| CC | jelynch |
Back to bug 2203857