Bug 1656690

Summary: [OSP13] neutron/auth_url has admin endpoint URL in nova.conf
Product: Red Hat OpenStack Reporter: Keigo Noha <knoha>
Component: openstack-tripleo-heat-templatesAssignee: Martin Schuppert <mschuppe>
Status: CLOSED ERRATA QA Contact: Archit Modi <amodi>
Severity: medium Docs Contact:
Priority: medium    
Version: 13.0 (Queens)CC: aschultz, mburns, mschuppe
Target Milestone: z5Keywords: Triaged, ZStream
Target Release: 13.0 (Queens)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-8.0.7-29.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1659479 1663448 (view as bug list) Environment:
Last Closed: 2019-03-14 13:55:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Keigo Noha 2018-12-06 05:40:16 UTC 
Description of problem:
neutron/auth_url has public endpoint URL in nova.conf.

In my KVM lab, an auth_url parameter in nova.conf has different value from others.

~~~
[root@controller-0 ~]# grep -e ^auth_url /var/lib/config-data/puppet-generated/*/etc/*/*.conf
/var/lib/config-data/puppet-generated/aodh/etc/aodh/aodh.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/aodh/etc/aodh/aodh.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/ceilometer/etc/ceilometer/ceilometer.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/glance_api/etc/glance/glance-api.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/gnocchi/etc/gnocchi/gnocchi.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat_api_cfn/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat_api_cfn/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat_api/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat_api/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/heat/etc/heat/heat.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf:auth_url=http://192.168.24.12:35357/v3 <--- HERE
/var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/nova_placement/etc/nova/nova.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/nova_placement/etc/nova/nova.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/panko/etc/panko/panko.conf:auth_url=http://172.17.1.20:5000
/var/lib/config-data/puppet-generated/swift/etc/swift/proxy-server.conf:auth_url=http://172.17.1.20:5000
~~~
NOTE: Please see the line pointed by 'HERE'

The assignment comes from following line in puppet/services/nova-base.yaml.
~~~
    226           nova::network::neutron::neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
~~~
Upstream T-H-T also has the same templates.
It looks that the option should align to other components.

Version-Release number of selected component (if applicable):
Current T-H-T

How reproducible:
Every deployment.

Steps to Reproduce:
1. Deploy overcloud.
2. Check the configuration with grep -e ^auth_url /var/lib/config-data/puppet-generated/*/etc/*/*.conf
3.

Actual results:
auth_url in neutron section has a admin endpoint value.

Expected results:
auth_url in neutron section has a internal api endpoint value.

Additional info:
Comment 1 Keigo Noha 2018-12-06 05:42:23 UTC 
Correction
Wrong: neutron/auth_url has public endpoint URL in nova.conf.
Correct: neutron/auth_url has admin endpoint URL in nova.conf.
Comment 23 errata-xmlrpc 2019-03-14 13:55:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0448