Bug 1588092

Summary: CephX keyrings are not copied over to all MONs
Product: Red Hat OpenStack Reporter: Giulio Fidente <gfidente>
Component: ceph-ansibleAssignee: Giulio Fidente <gfidente>
Status: CLOSED ERRATA QA Contact: Yogev Rabl <yrabl>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 13.0 (Queens)CC: gfidente, johfulto, knylande, pgrist, scohen
Target Milestone: rcKeywords: Triaged
Target Release: 13.0 (Queens)Flags: scohen: needinfo+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-ansible-3.1.0-0.1.rc8.el7cp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1588093 (view as bug list) Environment:
Last Closed: 2018-06-27 13:57:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1588093    
Bug Blocks:    

Description Giulio Fidente 2018-06-06 15:37:20 UTC 
openstack_keys are not copied over to all MONs

ceph-0.localdomain
total 20
drwxr-xr-x.   2 ceph ceph   37 Jun  6 13:14 .
drwxr-xr-x. 151 root root 8192 Jun  6 13:31 ..
-rw-r--r--.   1 root root  895 Jun  6 13:14 ceph.conf
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
ceph-1.localdomain                                                                                                                                                                                            [0/461]
total 20
drwxr-xr-x.   2 ceph ceph   37 Jun  6 13:14 .
drwxr-xr-x. 151 root root 8192 Jun  6 13:31 ..
-rw-r--r--.   1 root root  895 Jun  6 13:14 ceph.conf
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
ceph-2.localdomain
total 20
drwxr-xr-x.   2 ceph ceph   37 Jun  6 13:14 .
drwxr-xr-x. 151 root root 8192 Jun  6 13:31 ..
-rw-r--r--.   1 root root  895 Jun  6 13:14 ceph.conf
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
compute-0.localdomain
total 32
drwxr-xr-x.   2 ceph ceph  143 Jun  6 13:15 .
drwxr-xr-x. 151 root root 8192 Jun  6 13:31 ..
-rw-------.   1 root root  284 Jun  6 13:15 ceph.client.manila.keyring
-rw-------.   1 root root  307 Jun  6 13:15 ceph.client.openstack.keyring
-rw-------.   1 root root  157 Jun  6 13:15 ceph.client.radosgw.keyring
-rw-r--r--.   1 root root 1002 Jun  6 13:15 ceph.conf
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
controller-0.localdomain
total 40
drwxr-xr-x.   2 ceph ceph  205 Jun  6 13:12 .
drwxr-xr-x. 152 root root 8192 Jun  6 13:31 ..
-rw-------.   1 ceph ceph  159 Jun  6 13:12 ceph.client.admin.keyring
-rw-r--r--.   1 root root  811 Jun  6 13:12 ceph.conf
-rw-r--r--.   1 root root   67 Jun  6 13:12 ceph.mgr.controller-0.keyring
-rw-r--r--.   1 root root   67 Jun  6 13:12 ceph.mgr.controller-1.keyring
-rw-r--r--.   1 root root   67 Jun  6 13:12 ceph.mgr.controller-2.keyring
-rw-------.   1 ceph ceph  688 Jun  6 13:12 ceph.mon.keyring
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
controller-1.localdomain
total 40
drwxr-xr-x.   2 ceph ceph  200 Jun  6 13:14 .
drwxr-xr-x. 152 root root 8192 Jun  6 13:31 ..
-rw-------.   1 root root  159 Jun  6 13:10 ceph.client.admin.keyring
-rw-------.   1 ceph ceph  276 Jun  6 13:14 ceph.client.manila.keyring
-rw-------.   1 ceph ceph  299 Jun  6 13:14 ceph.client.openstack.keyring
-rw-------.   1 ceph ceph  149 Jun  6 13:14 ceph.client.radosgw.keyring
-rw-r--r--.   1 root root  811 Jun  6 13:10 ceph.conf
-rw-------.   1 ceph ceph  688 Jun  6 13:11 ceph.mon.keyring
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
controller-2.localdomain
total 40
drwxr-xr-x.   2 ceph ceph  200 Jun  6 13:14 .
drwxr-xr-x. 152 root root 8192 Jun  6 13:31 ..
-rw-------.   1 ceph ceph  159 Jun  6 13:11 ceph.client.admin.keyring
-rw-------.   1 ceph ceph  276 Jun  6 13:14 ceph.client.manila.keyring
-rw-------.   1 ceph ceph  299 Jun  6 13:14 ceph.client.openstack.keyring
-rw-------.   1 ceph ceph  149 Jun  6 13:14 ceph.client.radosgw.keyring
-rw-r--r--.   1 root root  811 Jun  6 13:11 ceph.conf
-rw-------.   1 ceph ceph  688 Jun  6 13:12 ceph.mon.keyring
-rw-r--r--.   1 root root   92 May  2 22:22 rbdmap
Comment 7 Yogev Rabl 2018-06-12 14:22:05 UTC 
Verified on ceph-ansible-3.1.0-0.1.rc8.el7cp.noarch

all of the openstack keyring are set in the nodes that are running the monitors
overcloud-controller-1
ceph.client.admin.keyring
ceph.client.manila.keyring
ceph.client.openstack.keyring
ceph.client.radosgw.keyring
ceph.conf
ceph.mon.keyring
rbdmap
overcloud-controller-0
ceph.client.admin.keyring
ceph.client.manila.keyring
ceph.client.openstack.keyring
ceph.client.radosgw.keyring
ceph.conf
ceph.mon.keyring
rbdmap
overcloud-controller-2
ceph.client.admin.keyring
ceph.client.manila.keyring
ceph.client.openstack.keyring
ceph.client.radosgw.keyring
ceph.conf
ceph.mgr.overcloud-controller-0.keyring
ceph.mgr.overcloud-controller-1.keyring
ceph.mgr.overcloud-controller-2.keyring
ceph.mon.keyring
rbdmap
Comment 12 errata-xmlrpc 2018-06-27 13:57:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086