Bug 1061941
Summary: | The broker nsupdate plugin and oo-accept-broker need to allow additonal dns key algorithms | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | chris alfonso <calfonso> |
Component: | Node | Assignee: | chris alfonso <calfonso> |
Status: | CLOSED ERRATA | QA Contact: | libra bugs <libra-bugs> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 2.0.0 | CC: | adellape, bleanhar, cpelland, hbrock, jialiu, jolamb, libra-onpremise-devel, nwei, pruan, yanpzhan |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | openshift-origin-broker-util-1.17.6.3-1.el6op, rubygem-openshift-origin-dns-nsupdate-1.15.2-1.el6op | Doc Type: | Bug Fix |
Doc Text: |
OpenShift Enterprise DNS commands assumed DNS keys were created using the HMAC-MD5 algorithm, causing calls to the nsupdate utility to fail when the DNS key did not use HMAC-MD5. This bug fix adds support to the nsupdate plugin and the oo-accept-broker tool to include the key algorithm when nsupdate is called. DNS key algorithms other than HMAC-MD5 are now supported by OpenShift Enterprise tools.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2014-02-25 15:48:04 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
chris alfonso
2014-02-05 22:23:33 UTC
The updated packages have landed in the latest internal puddle and are in enterprise-server/enterprise-2.0. openshift enterprise: step 1: make sure old env exits the dns key which be create by HMAC-MD5. step 2: create new dns key by other algorithm HMAC-SHA256. step 3: delete existing app and throw some failure message. [root@broker named]# rhc app delete apps7 This is a non-reversible action! Your application code and data will be permanently deleted if you continue! Are you sure you want to delete the application 'apps7'? (yes|no): yes Deleting application 'apps7' ... error deleting app record apps7-nweidomain.ose-20140115.com.cn step 4: upgrade broker-util openshift-origin-broker-util-1.17.6.3-1.el6op, rubygem-openshift-origin-dns-nsupdate-1.15.2-1.el6op step 5: app delete successfully and run 'oo-accept-broker' pass [root@br215 ~]# oo-accept-broker NOTICE: SELinux is Enforcing NOTICE: SELinux is Enforcing pass sure, I have added testing dns key case. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-0209.html |