Bug 1054498

Summary: Horizon SSL is disabled by Nagios configuration via packstack
Product: Red Hat OpenStack Reporter: Lon Hohberger <lhh>
Component: openstack-packstackAssignee: Ivan Chavero <ichavero>
Status: CLOSED ERRATA QA Contact: Attila Darazs <adarazs>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: aberezin, aortega, derekh, ichavero, yeylon
Target Milestone: z2Keywords: ZStream
Target Release: 4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-packstack-2013.2.1-0.23.dev979.el6ost Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1061689 (view as bug list) Environment:
Last Closed: 2014-03-04 19:15:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 966094    
Bug Blocks: 1061689    

Description Lon Hohberger 2014-01-16 23:19:12 UTC 
Description of problem:

Nagios puppet modules disable SSL after the Horizon module enables it.


Version-Release number of selected component (if applicable): openstack-packstack-2013.2.1-0.22.dev956.el6ost.noarch


How reproducible: 100%

Steps to Reproduce:
1. packstack --os-horizon-ssl=y --allinone
2. (wait)

Actual results:

After completion, SSL for Apache is disabled - thus, Horizon SSL does not work.


Expected results:

Unknown.  The Nagios module reset the Apache configuration to largely default, clearing out the Apache SSL configuration performed by the Horizon module.


Additional info:

packstack --os-horizon-ssl=y --nagios-install=n --allinone

...works fine...
Comment 1 Ivan Chavero 2014-01-20 18:42:38 UTC 
Modifying the nagios template so it uses the SSL configuration given by horizon.
Comment 2 Ivan Chavero 2014-01-24 21:56:14 UTC 
patch submitted to gerrit code review: https://review.openstack.org/#/c/68557/

The nagios template uses the apache class, this
class overwrites the current configuration thus
deleting the horizon configurations. By checking
if horizon is installed this patch avoids the use
of the apache puppeet class in the nagios template.
Comment 3 Ivan Chavero 2014-01-27 07:16:31 UTC 
The nagios template uses the apache class, this
class overwrites the current configuration thus
deleting the horizon configurations. By checking
if horizon is installed this patch avoids the use
of the apache puppeet class in the nagios template.
Comment 5 Attila Darazs 2014-02-20 16:09:56 UTC 
Installed it with both nagios and horizon ssl enabled, and it resulted in a working https installation. Verified.
Comment 9 errata-xmlrpc 2014-03-04 19:15:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0233.html