Bug 1252083
Summary: | Secure rabbitmq installation for overcloud | |||
---|---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Giulio Fidente <gfidente> | |
Component: | openstack-tripleo-heat-templates | Assignee: | Giulio Fidente <gfidente> | |
Status: | CLOSED ERRATA | QA Contact: | Udi Shkalim <ushkalim> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | high | |||
Version: | 7.0 (Kilo) | CC: | calfonso, dnavale, gfidente, mburns, mcornea, rhel-osp-director-maint, security-response-team, yeylon, yprokule | |
Target Milestone: | y2 | Keywords: | Security, Triaged, ZStream | |
Target Release: | 7.0 (Kilo) | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Previously, the provided input for the default RabbitMQ username and password was not used when configuring RabbitMQ. The default credentials for RabbitMQ did not honor the user input.
With this update, the user input is now consumed to configure the default RabbitMQ credentials. As a result, the RabbitMQ credentials can now be configured using the user input and are distributed appropriately to all OpenStack clients.
|
Story Points: | --- | |
Clone Of: | 1252081 | |||
: | 1252087 (view as bug list) | Environment: | ||
Last Closed: | 2015-12-21 16:48:22 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
Giulio Fidente
2015-08-10 16:40:10 UTC
*** Bug 1265808 has been marked as a duplicate of this bug. *** Hi Giulio, How can we verify this one? any steps to reproduce? Thanks hi Udi, you should be able to customize both the default RabbitMQ username and password by providing the following two params (merged into a custom environment file passed with -e at deployment time): parameter_defaults: RabbitUserName: myuser RabbitPassword: mypassword those values should get reflected into the rabbitmq.config file (on the controller nodes) and into the various openstack services config file Thanks Giulio Verified on ospd 7.2 openstack-tripleo-heat-templates-0.8.6-87.el7ost.noarch Deploy command: openstack overcloud deploy --templates --control-scale 3 --compute-scale 1 --ntp-server 10.11.160.238 --timeout 90 -e /home/stack/rabbit.yaml [stack@instack ~]$ cat rabbit.yaml parameter_defaults: RabbitUserName: "foo" RabbitPassword: "bar" Deployment Passed successfully [root@overcloud-controller-0 ~]# rabbitmqctl list_permissions Listing permissions in vhost "/" ... foo .* .* .* ...done. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2015:2650 |