Bug 1789178
| Summary: | swiftoperator role should be created when deploying an overcloud with containerized Redhat Ceph and enabling the RadowGW service | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Itzik Brown <itbrown> |
| Component: | openstack-tripleo-heat-templates | Assignee: | Francesco Pantano <fpantano> |
| Status: | CLOSED ERRATA | QA Contact: | Yogev Rabl <yrabl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 16.0 (Train) | CC: | apevec, asimonel, bkopilov, fpantano, gfidente, jschluet, lhh, mburns, nweinber, racedoro, ramishra, yrabl |
| Target Milestone: | z2 | Keywords: | Triaged |
| Target Release: | 16.0 (Train on RHEL 8.1) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openstack-tripleo-heat-templates-11.3.2-0.20200315025718.033aae9.el8ost | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-05-14 12:15:29 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Itzik Brown
2020-01-08 23:30:51 UTC
RGW doesn't use the swiftoperator role. That's for swift only. Instead RGW requires the member role and sets it up correctly. So we shouldn't need the swiftoperator role for RGW deployments and can instead use the member role. Also see: https://bugzilla.redhat.com/show_bug.cgi?id=1767593 Should this be a documentation update at https://docs.openshift.com/container-platform/4.2/installing/installing_openstack/installing-openstack-installer-custom.html#installation-osp-enabling-swift_installing-openstack-installer-custom ? I.e. add a note to the "Procedure" saying that if you are using Ceph RGW the the 2 steps to create "swiftoperator" and to add the Temp URL aren't required. (In reply to Ramon Acedo from comment #4) > Should this be a documentation update at > https://docs.openshift.com/container-platform/4.2/installing/ > installing_openstack/installing-openstack-installer-custom.html#installation- > osp-enabling-swift_installing-openstack-installer-custom ? > > I.e. add a note to the "Procedure" saying that if you are using Ceph RGW the > the 2 steps to create "swiftoperator" and to add the Temp URL aren't > required. At this point, prior to this BZ (ie OSP 13,14,15) the role required is either Member or admin as is defined in ceph.conf with rgw_keystone_accepted_roles = Member, admin (In reply to August Simonelli from comment #8) > (In reply to Ramon Acedo from comment #4) > > Should this be a documentation update at > > https://docs.openshift.com/container-platform/4.2/installing/ > > installing_openstack/installing-openstack-installer-custom.html#installation- > > osp-enabling-swift_installing-openstack-installer-custom ? > > > > I.e. add a note to the "Procedure" saying that if you are using Ceph RGW the > > the 2 steps to create "swiftoperator" and to add the Temp URL aren't > > required. > > At this point, prior to this BZ (ie OSP 13,14,15) the role required is > either Member or admin as is defined in ceph.conf with > rgw_keystone_accepted_roles = Member, admin note that RGW *operators* are defined by the accepted_admin_roles , that list used to include only "ResellerAdmin" role in OSP13 ; we added to that list the "swiftoperator" role in OSP16 verification failed overcloud) [stack@undercloud-0 ~]$ openstack role list +----------------------------------+-----------------+ | ID | Name | +----------------------------------+-----------------+ | 384df1fb7b0142ae8225ef5646d80b1e | heat_stack_user | | 65d4e62324a6490ea0ff666e39a5f1e5 | service | | b09dfa7d2ec241d79dafb24b11fea677 | admin | | b598146f3c144eb992809f99fb5b0519 | _member_ | | cd392b454cfd4cd69f59fe187ef8644e | member | | fc0c0ee288ea43b980e6bb568510010f | reader | +----------------------------------+-----------------+ (overcloud) [stack@undercloud-0 ~]$ openstack user list +----------------------------------+-------------------------+ | ID | Name | +----------------------------------+-------------------------+ | 0b7df4089aa64e08a0b851dd124d9352 | admin | | e526d1f756f84c708d0ea40d375507c2 | heat_stack_domain_admin | | 7a86c33891b04090b3ccb4a2b4990e6c | swift | | a7022aa319f54e819911e9322130d374 | cinder | | 7a27eb19cfde47e89ebc9f1f794c9ffc | glance | | a17d8f6e0b1a44e3b78c1594daf03bc4 | heat | | 8d239303c41b4a96acde2b8c8f1a6d6a | heat-cfn | | ff34744d2b1d4828afe7fcd9ecbf758b | neutron | | f64455fe2167415d8727086a1766f0d5 | nova | | 6cff775164ab4b9a91a08df981c4b3ad | placement | +----------------------------------+-------------------------+ (overcloud) [stack@undercloud-0 ~]$ rpm -qa | grep tripleo-heat-templates openstack-tripleo-heat-templates-11.3.2-0.20200131125640.cc909b6.el8ost.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2114 |