Bug 1934379
| Summary: | Ceph cluster is not healthy: auth entities with invalid capabilities | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Francesco Pantano <fpantano> |
| Component: | tripleo-ansible | Assignee: | Francesco Pantano <fpantano> |
| Status: | CLOSED ERRATA | QA Contact: | Alfredo <alfrgarc> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 16.1 (Train) | CC: | asalvati, gfidente, gsciorti, johfulto, kthakre, msufiyan |
| Target Milestone: | z6 | Keywords: | Triaged |
| Target Release: | 16.1 (Train on RHEL 8.2) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | tripleo-ansible-0.5.1-1.20210322163510.902c3c8.el8ost | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-26 11:43:47 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Red Hat OpenStack Platform 16.1.6 (tripleo-ansible) security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2119 |
Description of problem: When no pools using Ceph are defined (no services use Ceph as backend), and the pool list is empty in tripleo, a wrong osp_client_caps is generated [1], and it contains an empty value for the caps osd section. This results in a Ceph cluster which is not healthy (HEALTH_ERR is reported), because the resulting auth entry has invalid capabilities. [client.openstack] key = <the key> caps mgr = "allow *" caps mon = "profile rbd" caps osd = "" <= ERROR, this sections shouldn't be here [1] https://github.com/openstack/tripleo-ansible/blob/master/tripleo_ansible/roles/tripleo_ceph_work_dir/tasks/build_keys.yml#L21-L32 Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: