Bug 1560022

Summary: The keyrings are not refreshed if the key caps are changed on update
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Giulio Fidente <gfidente>
Component: Ceph-AnsibleAssignee: Sébastien Han <shan>
Status: CLOSED ERRATA QA Contact: Yogev Rabl <yrabl>
Severity: high Docs Contact:
Priority: unspecified    
Version: 3.0CC: adeza, aschoen, ceph-eng-bugs, gabrioux, gmeno, kdreyer, nthomas, racpatel, sankarshan, tserlin, yrabl
Target Milestone: rc   
Target Release: 3.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: RHEL: ceph-ansible-3.1.0-0.1.beta6.el7cp Ubuntu: ceph-ansible_3.1.0~rc3-2redhat1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-09-26 18:19:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1548353    

Description Giulio Fidente 2018-03-23 18:21:34 UTC 
Description of problem:
The cluster keyrings are not updated if, by running the site-docker.yaml playbook twice, the keyring caps passed via openstack_pools is updated

Version-Release number of selected component (if applicable):
ceph-ansible-3.1.0-0.1.beta3.el7.noarch

How reproducible:
run the playbook twice with the same variables, update one of the key caps in the openstack_pools list in the second run
Comment 3 Guillaume Abrioux 2018-03-27 12:23:55 UTC 
there is a PR upstream that should fix this issue:

https://github.com/ceph/ceph-ansible/pull/2456/files
Comment 4 Sébastien Han 2018-03-29 09:08:38 UTC 
Quick note here, as Guillaume mentioned the new ceph_key module could take care of that. However, simply changing the key won't result in an update of that key.
If you need to update a key you will need to call the module with the 'update' flag. So you'll have to explicitly call for an update.
Comment 5 Sébastien Han 2018-04-05 13:23:58 UTC 
Will be in 3.1
Comment 6 Ken Dreyer (Red Hat) 2018-04-05 20:40:27 UTC 
Would you please tag v3.1.0beta5 on master upstream so OSP 13 can cross-ship this?
Comment 7 Sébastien Han 2018-04-10 12:08:59 UTC 
that's going to be beta6 actually
Comment 8 Sébastien Han 2018-04-12 10:10:40 UTC 
beta6 is here moving this to POST
Comment 12 Rachana Patel 2018-05-23 16:10:41 UTC 
Verified with ceph-ansible-3.1.0-0.1.beta8.el7cp.noarch

Works for me hence moving to verified.

Haven't verified for ubuntu though.
Comment 14 errata-xmlrpc 2018-09-26 18:19:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2819