1197603 – Wrong cephx configuration after automated deployment if ceph is deployend manually

Bug 1197603 - Wrong cephx configuration after automated deployment if ceph is deployend manually

Summary: Wrong cephx configuration after automated deployment if ceph is deployend man...

Keywords:
Status:	CLOSED DUPLICATE of bug 1199266
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-foreman-installer
Sub Component:
Version:	6.0 (Juno)
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	---
Assignee:	Crag Wolfe
QA Contact:	nlevinki
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1197602 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-03-02 08:09 UTC by Eduard Barrera
Modified:	2019-05-20 11:33 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-03-11 16:43:11 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Eduard Barrera 2015-03-02 08:09:27 UTC

Description of problem:

The OpenStack has been deployed by the OpenStack deployer while the Ceph cluster has been deployed manually.

In this situation we are hitting a bug in the deployer which is not properly setting up the virsh secret needed for the CephX authentication to work. This behavior is due to a condition in Puppet manifest preventing the deployer to properly set it if the Ceph cluster is already existing and not deployed by the deployer.

/etc/puppet/environments/production/modules/quickstack/manifests/compute_common.pp

    131     exec { 'define-virsh-rbd-secret':
    132       command => '/usr/bin/virsh secret-define --file /etc/nova/secret.xml',
    133       onlyif => "/usr/bin/ceph --connect-timeout 10 auth get-key client.${libvirt_images_rbd_pool} >/dev/null 2>&1",
    134       creates => '/etc/nova/virsh.secret',
    135     }
    136     ->
    137     exec { 'set-virsh-rbd-secret-key':
    138       command => "/usr/bin/virsh secret-set-value --secret ${rbd_secret_uuid} --base64 \$(/usr/bin/ceph auth get-key client.${libvirt_images_rbd_pool})",
    139       onlyif 

# /usr/bin/ceph --connect-timeout 10 auth get-key client.volumes
2015-02-25 16:13:20.144056 7fbfc77ee700 -1 monclient(hunting): ERROR: missing keyring, cannot use cephx for authentication







Version-Release number of selected component (if applicable):
rhel-osp-installer-0.5.5-2.el7ost.noarch
rhel-osp-installer-client-0.5.5-2.el7ost.noarch
ruby193-rubygem-staypuft-0.5.15-1.el7ost.noarch
apisto-puppet-3.4.3-1.1.x86_64  
openstack-puppet-modules-2014.2.8-2.el7ost.noarch
puppet-3.6.2-2.el7.noarch
puppet-server-3.6.2-2.el7.noarch

How reproducible:
Deploy openstack with an already deployed ceph cluster


Steps to Reproduce:
1. Deploy ceph manually
2. Deploy openstack to use ceph
3.

Actual results:
# /usr/bin/ceph --connect-timeout 10 auth get-key client.volumes
2015-02-25 16:13:20.144056 7fbfc77ee700 -1 monclient(hunting): ERROR: missing keyring, cannot use cephx for authentication


Expected results:
Openstack installed using the manually deployed ceph cluster

Additional info:

Comment 7 Mike Burns 2015-03-11 16:36:08 UTC

*** Bug 1197602 has been marked as a duplicate of this bug. ***

Comment 8 Crag Wolfe 2015-03-11 16:43:11 UTC

I believe this is a duplicate of
https://bugzilla.redhat.com/show_bug.cgi?id=1199266
.  If not, please reopen.

*** This bug has been marked as a duplicate of bug 1199266 ***

Note You need to log in before you can comment on or make changes to this bug.