Bug 1891821

Summary: "Integrate With Identity Service" guide provides incorrect recommendations in "Configure for high availability" section
Product: Red Hat OpenStack Reporter: Alex Stupnikov <astupnik>
Component: openstack-tripleo-heat-templatesAssignee: Grzegorz Grasza <ggrasza>
Status: CLOSED ERRATA QA Contact: Joe H. Rahme <jhakimra>
Severity: medium Docs Contact:
Priority: medium    
Version: 16.1 (Train)CC: alee, dwilde, ggrasza, hrybacki, mburns, oblaut, rheslop
Target Milestone: zstreamKeywords: Triaged, ZStream
Target Release: 16.1 (Train on RHEL 8.2)   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: openstack-tripleo-heat-templates-11.3.2-1.20210423193228.29a02c1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-12-09 20:17:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Stupnikov 2020-10-27 13:09:50 UTC 
Description of problem:

"Integrate With Identity Service" guide tells users to "Set the network timeout in /etc/openldap/ldap.conf" [1]. It was proper recommendation for RHOSP 10, but keystone is running in containers since RHOSP 12.

As a result, customers need to adjust settings inside keystone container, but there is no folder related to /etc/openldap in /var/lib/config-data/puppet-generated/keystone/etc/

Affected releases: all active RHOSP releases.

I am not sure if this is a pure documentation bug or a combination of keystone container issue and documentation problem, so setting openstack-keystone as affected component.


[1]
https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/8/html/integrate_with_identity_service/sec-active-directory#AD-HA
2. Set the network timeout in /etc/openldap/ldap.conf:
NETWORK_TIMEOUT 2
Comment 6 Harry Rybacki 2021-03-08 15:46:24 UTC 
Setting CONDNACK capacity for now.
Comment 27 errata-xmlrpc 2021-12-09 20:17:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat OpenStack Platform 16.1.7 (Train) bug fix and enhancement advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3762