Bug 1197603
| Summary: | Wrong cephx configuration after automated deployment if ceph is deployend manually | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Eduard Barrera <ebarrera> |
| Component: | openstack-foreman-installer | Assignee: | Crag Wolfe <cwolfe> |
| Status: | CLOSED DUPLICATE | QA Contact: | nlevinki <nlevinki> |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 6.0 (Juno) | CC: | egolov, jbuchta, mburns, morazi, rhos-maint, yeylon |
| Target Milestone: | --- | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-03-11 16:43:11 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** Bug 1197602 has been marked as a duplicate of this bug. *** I believe this is a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1199266 . If not, please reopen. *** This bug has been marked as a duplicate of bug 1199266 *** |
Description of problem: The OpenStack has been deployed by the OpenStack deployer while the Ceph cluster has been deployed manually. In this situation we are hitting a bug in the deployer which is not properly setting up the virsh secret needed for the CephX authentication to work. This behavior is due to a condition in Puppet manifest preventing the deployer to properly set it if the Ceph cluster is already existing and not deployed by the deployer. /etc/puppet/environments/production/modules/quickstack/manifests/compute_common.pp 131 exec { 'define-virsh-rbd-secret': 132 command => '/usr/bin/virsh secret-define --file /etc/nova/secret.xml', 133 onlyif => "/usr/bin/ceph --connect-timeout 10 auth get-key client.${libvirt_images_rbd_pool} >/dev/null 2>&1", 134 creates => '/etc/nova/virsh.secret', 135 } 136 -> 137 exec { 'set-virsh-rbd-secret-key': 138 command => "/usr/bin/virsh secret-set-value --secret ${rbd_secret_uuid} --base64 \$(/usr/bin/ceph auth get-key client.${libvirt_images_rbd_pool})", 139 onlyif # /usr/bin/ceph --connect-timeout 10 auth get-key client.volumes 2015-02-25 16:13:20.144056 7fbfc77ee700 -1 monclient(hunting): ERROR: missing keyring, cannot use cephx for authentication Version-Release number of selected component (if applicable): rhel-osp-installer-0.5.5-2.el7ost.noarch rhel-osp-installer-client-0.5.5-2.el7ost.noarch ruby193-rubygem-staypuft-0.5.15-1.el7ost.noarch apisto-puppet-3.4.3-1.1.x86_64 openstack-puppet-modules-2014.2.8-2.el7ost.noarch puppet-3.6.2-2.el7.noarch puppet-server-3.6.2-2.el7.noarch How reproducible: Deploy openstack with an already deployed ceph cluster Steps to Reproduce: 1. Deploy ceph manually 2. Deploy openstack to use ceph 3. Actual results: # /usr/bin/ceph --connect-timeout 10 auth get-key client.volumes 2015-02-25 16:13:20.144056 7fbfc77ee700 -1 monclient(hunting): ERROR: missing keyring, cannot use cephx for authentication Expected results: Openstack installed using the manually deployed ceph cluster Additional info: