Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1236707 - undercloud.conf.sample incorrectly states that heat db encryption key can be 8,16, or 32 chars
undercloud.conf.sample incorrectly states that heat db encryption key can be ...
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: instack-undercloud (Show other bugs)
Director
Unspecified Linux
high Severity medium
: y1
: 7.0 (Kilo)
Assigned To: James Slagle
Marius Cornea
: Triaged, ZStream
: 1250926 (view as bug list)
Depends On:
Blocks: 1238779
  Show dependency treegraph
 
Reported: 2015-06-29 14:48 EDT by Chris Dearborn
Modified: 2015-10-08 08:10 EDT (History)
19 users (show)

See Also:
Fixed In Version: instack-undercloud-2.1.2-24.el7ost
Doc Type: Bug Fix
Doc Text:
undercloud_heat_encryption_key was incorrectly documented in undercloud.conf.sample as accepting values of size 8, 16, or 32 characters. Only values of size 16, 24, or 32 characters are actually accepted. If a value that had the non-accepted size was used, the Undercloud configuration script would fail with an error similar to: Error: 8 is not a correct size for auth_encryption_key parameter, it must be either 16, 24, 32 bytes long. at /etc/puppet/modules/heat/manifests/engine.pp:106 on node undercloud.local.dev This fix updates the undercloud.conf.sample with the correct documentation to indicate the accepted sizes of this parameter.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-08 08:10:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Gerrithub.io 242215 None None None Never
Red Hat Product Errata RHSA-2015:1862 normal SHIPPED_LIVE Moderate: Red Hat Enterprise Linux OpenStack Platform 7 director update 2015-10-08 12:05:50 EDT

  None (edit)
Description Chris Dearborn 2015-06-29 14:48:30 EDT 
Description of problem:
undercloud.conf.sample states:

# Heat db encryption key(must be 8,16 or 32 characters. If left unset,
# one will be automatically generated. (string value)
#undercloud_heat_encryption_key = <None>

If the key is set to an 8 character string, then "openstack undercloud install" fails with:
ERROR: openstack ('%s failed. See log for details.', 'os-refresh-config')

If you then run "sudo os-refresh-config", it fails with the following error:
Error: 8 is not a correct size for auth_encryption_key parameter, it must be either 16, 24, 32 bytes long. at /etc/puppet/modules/heat/manifests/engine.pp:106 on node undercloud.local.dev

The undercloud.sample.conf file needs to be updated to state that the undercloud_heat_encryption_key must be 16, 24, or 32 characters long.


Version-Release number of selected component (if applicable):


How reproducible:
In undercloud.conf, set undercloud_heat_encryption_key to an 8 character string, then do an undercloud deployment.

Steps to Reproduce:
1. Edit undercloud.conf and set undercloud_heat_encryption_key to an 8 character string
2. Run "openstack undercloud install"

Actual results:
Installation fails with:
ERROR: openstack ('%s failed. See log for details.', 'os-refresh-config')

Expected results:
Comments in undercloud.conf.sample should state that the key must be 16, 24, or 32 bits.

Additional info:
Comment 6 Marios Andreou 2015-08-05 04:13:03 EDT 
upstream bug @ https://bugs.launchpad.net/heat/+bug/1415887
heat fix https://review.openstack.org/#/c/168779/
puppet-heat fix https://review.openstack.org/#/c/178478/

so clearly Chris Dearborn isn't lying. Fixup for the comment in the sample.conf file is at https://review.gerrithub.io/#/c/242215/
Comment 7 Chris Dearborn 2015-08-05 09:04:40 EDT 
Nope, not lying.  Just too lazy to type 16 characters instead of 8.  It's twice as much work!  ;-)
Comment 8 Dariusz Smigiel 2015-08-06 06:49:10 EDT 
*** Bug 1250926 has been marked as a duplicate of this bug. ***
Comment 10 Marius Cornea 2015-09-14 13:21:47 EDT 
[stack@instack ~]$ rpm -qa | grep  instack-undercloud
instack-undercloud-2.1.2-25.el7ost.noarch
[stack@instack ~]$ grep -A2 'Heat db encryption key' undercloud.conf 
# Heat db encryption key(must be 16, 24, or 32 characters. If left
# unset, one will be automatically generated. (string value)
#undercloud_heat_encryption_key = <None>
Comment 12 errata-xmlrpc 2015-10-08 08:10:18 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:1862
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.