Bug 1387105

Summary: Unable to upload object to overcloud with Ceph Radosgw enabled and custom roles
Product: Red Hat OpenStack Reporter: Marius Cornea <mcornea>
Component: rhosp-directorAssignee: Giulio Fidente <gfidente>
Status: CLOSED CURRENTRELEASE QA Contact: Yogev Rabl <yrabl>
Severity: high Docs Contact: Derek <dcadzow>
Priority: unspecified    
Version: 10.0 (Newton)CC: dbecker, gfidente, jomurphy, jslagle, mburns, morazi, rhel-osp-director-maint, seb
Target Milestone: ---   
Target Release: 10.0 (Newton)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-01-13 11:14:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Marius Cornea 2016-10-20 06:32:03 UTC 
Description of problem:
While trying to upload an object with the swift client to an overcloud with the Radosgw service enabled I get a 401 Unauthorized message. This is a deployment using composable roles with the following services allocation:
http://paste.openstack.org/show/586500/ 

Version-Release number of selected component (if applicable):
openstack-tripleo-heat-templates-5.0.0-0.20161008015357.0d3e3e3.1.el7ost.noarch

How reproducible:
100%

Steps to Reproduce:
1. Deploy command:
openstack overcloud deploy --templates $THT \
-r ~/openstack_deployment/roles/roles_data.yaml \
-e $THT/environments/network-isolation.yaml \
-e $THT/environments/network-management.yaml \
-e $THT/environments/storage-environment.yaml \
-e $THT/environments/ceph-radosgw.yaml \
-e $THT/environments/tls-endpoints-public-ip.yaml \
-e ~/openstack_deployment/environments/nodes.yaml \
-e ~/openstack_deployment/environments/network-environment.yaml \
-e ~/openstack_deployment/environments/disk-layout.yaml \
-e ~/openstack_deployment/environments/public_vip.yaml \
-e ~/openstack_deployment/environments/enable-tls.yaml \
-e ~/openstack_deployment/environments/inject-trust-anchor.yaml \
-e ~/openstack_deployment/environments/neutron-settings.yaml \
--log-file overcloud_deployment.log &> overcloud_install.log

2. source ~/overcloudrc; swift upload test-container ~/instackenv.json

Actual results:
Object HEAD failed: https://172.16.18.25:13808/swift/v1/test-container/home/stack/instackenv.json 401 Unauthorized

Expected results:
Object upload succeds.
Comment 1 James Slagle 2016-10-20 11:32:45 UTC 
this should be DFG:Ceph
Comment 2 Giulio Fidente 2016-10-20 17:23:25 UTC 
Marius, can you see if the version of puppet-ceph you had in the overcloud image included this patch https://review.openstack.org/388080 ?
Comment 4 Marius Cornea 2016-10-20 18:53:20 UTC 
(In reply to Giulio Fidente from comment #2)
> Marius, can you see if the version of puppet-ceph you had in the overcloud
> image included this patch https://review.openstack.org/388080 ?

No, the images that I was using didn't contain that patch. I'll try to apply it.
Comment 5 Gregory Charot 2016-10-20 19:26:12 UTC 
This issue is similar to https://bugzilla.redhat.com/show_bug.cgi?id=1386291

ceph-puppet issue, it happens whether you use custom roles or not. Restarting RGW on nodes is a temporary fix before the patch is merged downstream.
Comment 6 Giulio Fidente 2016-11-22 15:32:05 UTC 
We might also clone this BZ for the release 10, backport the fix from 11 and fix it for 10.z too.
Comment 7 Marius Cornea 2017-01-13 11:14:27 UTC 
The issue in the initial report is not reproducible anymore on OSP10 so closing it as current release.