Bug 1404294 (ospd_cold_migration)

Summary: [RFE] - Enable OOTB secure cold migration for overcloud
Product: Red Hat OpenStack Reporter: Ziv Greenberg <zgreenbe>
Component: rhosp-directorAssignee: Ollie Walsh <owalsh>
Status: CLOSED DUPLICATE QA Contact: Joe H. Rahme <jhakimra>
Severity: high Docs Contact:
Priority: high    
Version: 10.0 (Newton)CC: acanan, berrange, dasmith, dbecker, eglynn, fbaudin, ggillies, ipetrova, jhakimra, kchamart, lruzicka, lyarwood, mburns, morazi, oblaut, owalsh, pbandark, rhel-osp-director-maint, sbauza, sferdjao, sgordon, srevivo, tvignaud, vromanso, yrachman
Target Milestone: Upstream M2Keywords: FutureFeature, InstallerIntegration, TestOnly, Triaged
Target Release: 12.0 (Pike)   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-7.0.0-0.20170805163048.el7ost, puppet-tripleo-7.2.1-0.20170807233007.4600842.el7ost, openstack-tripleo-common-7.4.1-0.20170807001945.8c46306.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-18 08:08:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1271058    
Bug Blocks: 1414999, 1442136    

Description Ziv Greenberg 2016-12-13 14:50:55 UTC 
Hi,

I was verifying a bug for our customer, SR-IOV enabled instance performing cold migration between the compute nodes.

I was following this guide: https://access.redhat.com/documentation/en/red-hat-openstack-platform/9/single/migrating-instances/#migrate_between_environments_or_projects

So, since we're not using a shared storage, SSH passwordless login for nova user was necessary to create.

Now, in my case, I was running OSPD10 with only two compute nodes, and due to root restriction, it made my task a
more complicated. I can only imagine what a customer should go through if he has 20-30 compute nodes. 

As a proposal, do you think it will be possible to swap the keys during the initial installation process? Or maybe a post install script?

Thank you,
Ziv
Comment 4 Stephen Gordon 2017-01-19 23:36:00 UTC 
*** Bug 1392369 has been marked as a duplicate of this bug. ***
Comment 5 Stephen Gordon 2017-01-19 23:38:21 UTC 
This needs to work for both shared storage and non shared storage environments.
Comment 8 Red Hat Bugzilla Rules Engine 2017-03-23 17:22:53 UTC 
This bugzilla has been removed from the release and needs to be reviewed and Triaged for another Target Release.
Comment 10 Stephen Gordon 2017-04-12 12:19:14 UTC 
Moving to Upstream M2, progress is good but pending further upstream reviews.
Comment 11 Stephen Gordon 2017-04-14 20:18:04 UTC 
*** Bug 1140781 has been marked as a duplicate of this bug. ***
Comment 12 Stephen Gordon 2017-04-21 12:50:33 UTC 
*** Bug 1287444 has been marked as a duplicate of this bug. ***
Comment 13 Stephen Gordon 2017-06-14 20:23:08 UTC 
This was posted to master and backported for OSP 7-11. Still, let's verify.