Bug 1889454

Summary: Container restarts don't remove stale container files
Product: Red Hat OpenStack Reporter: Lance Bragstad <lbragsta>
Component: puppet-tripleoAssignee: OSP Team <rhos-maint>
Status: CLOSED WONTFIX QA Contact: David Rosenfeld <drosenfe>
Severity: medium Docs Contact:
Priority: medium    
Version: 16.1 (Train)CC: astupnik, dwilde, enothen, jjoyce, jschluet, slinaber, tvignaud
Target Milestone: asyncKeywords: Triaged, ZStream
Target Release: 16.1 (Train on RHEL 8.2)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-08-11 17:31:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Lance Bragstad 2020-10-19 17:26:16 UTC 
Description of problem:


TripleO allows users to configure domain-specific backends via the KeystoneLDAPBackendConfigs THT parameter. These options end up being configuration values in a file mounted into the container (/etc/keystone/domain/keystone.$DOMAIN.conf).

If the end users attempts to remove the configuration file by renaming it on the host and restarting the container, the original file is still present in the container.


How reproducible:

100%

Steps to Reproduce:
1. Deploy the overcloud with a domain-specific backend
2. Update the domain configuration file on the controller to a different name (/var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/keystone.AD.conf.bak).
3. Restart the keystone container
4. View the /etc/keystone/domains directory and verify the original domain configuration file is still present

Actual results:

The /etc/keystone/domains directory in the container contains stale configuration files.

Expected results:

The contents of /etc/keystone/domains maps to /var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/
Comment 2 Lance Bragstad 2020-10-19 17:28:13 UTC 
I talked to the tripleo community and we tried a quick patch to see if if helped [0], but it was unsuccessful in removing stale files.

We may be able to pick-up this approach and iterate on it, though.

[0] https://review.opendev.org/#/c/756874/