Bug 2222058
| Summary: | If another admin user exist in another domain beside the default one, tripleo-ansible breaks | |||
|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | David Hill <dhill> | |
| Component: | tripleo-ansible | Assignee: | OSP Team <rhos-maint> | |
| Status: | CLOSED ERRATA | QA Contact: | Joe H. Rahme <jhakimra> | |
| Severity: | low | Docs Contact: | ||
| Priority: | low | |||
| Version: | 16.2 (Train) | CC: | drosenfe, jslagle, mariel, pgrist, visinha | |
| Target Milestone: | z1 | Keywords: | Triaged | |
| Target Release: | 17.1 | |||
| Hardware: | x86_64 | |||
| OS: | All | |||
| Whiteboard: | ||||
| Fixed In Version: | tripleo-ansible-3.3.1-1.20230518201538.el9ost | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 2227124 (view as bug list) | Environment: | ||
| Last Closed: | 2023-09-20 00:29:44 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2227124 | |||
Please fill each field of the bug report. These are essential so that people can understand the prolblem. Also consider sharing the detail about that admin user in non default domai and the actual deployment error. Although the reported problem sounds like legit, I'd prefer reviewing these information before we review/merge the proposed change. Used procedure from comment 7: (undercloud) [stack@undercloud-0 ~]$ source ~/overcloudrc (overcloud) [stack@undercloud-0 ~]$ openstack domain create nondefault +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | | | enabled | True | | id | 6bede16a5f054e05bc3400367169f9d5 | | name | nondefault | | options | {} | | tags | [] | +-------------+----------------------------------+ (overcloud) [stack@undercloud-0 ~]$ openstack user create domainuser --domain nondefault No password was supplied, authentication will fail when a user does not have a password. +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | 6bede16a5f054e05bc3400367169f9d5 | | enabled | True | | id | 9a9ab48b27ee4628b7686b0bc4c1c09b | | name | domainuser | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ bash ~/overcloud_deploy.sh &> overcloud_install2.log Overcloud Deployed successfully Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Release of components for Red Hat OpenStack Platform 17.1.1 (Wallaby)), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:5138 |
Description of problem: If another admin user exist in another domain beside the default one, deployment consistently fails in tripleo-keystone-resources role because of the "Multiple matches found for admin" error. ``` 2023-07-11 12:34:56,789 p=123456 u=mistral n=ansible | TASK [tripleo-keystone-resources : Assign admin role to admin project for admin user] *** 2023-07-11 12:34:56,789 p=123456 u=mistral n=ansible | Tuesday 11 July 2023 12:34:56 +0000 (0:00:01.234) XX:XX:XX.XXX ********** 2023-07-11 12:34:56,789 p=123456 u=mistral n=ansible | fatal: [undercloud]: FAILED! => {"changed": false, "msg": "Multiple matches found for admin"} ``` Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Create a non-default domain 2. Create an "admin" user in that domain 3. Run deployment Actual results: Deployment consistently fails Expected results: Deployment succeeds without errors Additional info: