Bug 973197

Summary: Account for case when BIND_KRB_* is used in openshift-origin-dns-nsupdate.conf
Product: OpenShift Container Platform Reporter: Brenton Leanhardt <bleanhar>
Component: NodeAssignee: Brenton Leanhardt <bleanhar>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.2.0CC: jialiu, jpazdziora, libra-onpremise-devel, mlamouri
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openshift-origin-broker-util-1.9.7-1.1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-06-28 15:46:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Brenton Leanhardt 2013-06-11 12:56:02 UTC 
Description of problem:
If Kerberos authentication is used in 
openshift-origin-dns-nsupdate.conf oo-accept-broker will fail.  https://github.com/openshift/origin-server/commit/ec21097394297285b2a356bf58f32a9761b3c86e is needed from upstream.
Comment 3 Brenton Leanhardt 2013-06-26 08:40:57 UTC 
https://github.com/openshift/origin-server/commit/3956a057e73d49f92c47074ad2be0d0839492e90 is missing.
Comment 5 Johnny Liu 2013-06-27 11:00:21 UTC 
Verified this bug with openshift-origin-broker-util-1.9.7-1.2.el6op.noarch, and PASS.

# cat /etc/openshift/plugins.d/openshift-origin-dns-nsupdate.conf
BIND_SERVER="192.168.59.168"
BIND_PORT=53
BIND_ZONE="osetestv2.com"
BIND_KRB_PRINCIPAL="DNS/ns1.osetestv2.com"
BIND_KRB_KEYTAB="/var/named/dns.keytab"

[root@broker ~]# oo-accept-broker -v
<--snip-->
INFO: checking dynamic dns plugin
INFO: dynamic dns plugin = OpenShift::NsupdatePlugin
INFO: checking bind dns plugin configuration
INFO: DNS Server: 192.168.59.168
INFO: DNS Port: 53
INFO: DNS Zone: osetestv2.com
INFO: DNS Domain Suffix: osetestv2.com
INFO: DNS Update Auth: krb
INFO: DNS Kerberos Keytab: /var/named/dns.keytab
INFO: DNS Kerberos Principal: DNS/ns1.osetestv2.com
INFO: adding txt record named testrecord.osetestv2.com to server 192.168.59.168: krb0
INFO: txt record successfully added
INFO: deleteing txt record named testrecord.osetestv2.com to server 192.168.59.168: krb0
INFO: txt record successfully deleted
INFO: checking messaging configuration
INFO: messaging plugin = OpenShift::MCollectiveApplicationContainerProxy
PASS
Comment 6 Luke Meyer 2013-06-28 15:46:41 UTC 
Closing all bugs introduced, fixed, and verified during 1.2 release work (thus never shipped).