Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1240449 - overcloud heat instance_user is set to heat-admin
overcloud heat instance_user is set to heat-admin
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: rhosp-director (Show other bugs)
Director
Unspecified Unspecified
high Severity unspecified
: ga
: Director
Assigned To: Steve Baker
Amit Ugol
: Triaged
Depends On: 1240833
Blocks:
  Show dependency treegraph
 
Reported: 2015-07-06 18:55 EDT by Steve Baker
Modified: 2015-08-05 09:58 EDT (History)
6 users (show)

See Also:
Fixed In Version: openstack-tripleo-heat-templates-0.8.6-38.el7ost
Doc Type: Bug Fix
Doc Text:
The Overcloud configured the heat service with instance_user=heat-admin. This meant SSH communication into heat-provisioned guest VMs required the heat-admin user. This fix sets instance_user to an empty value. Now you can SSH into guest VMs using the default image user.
Story Points: ---
Clone Of:
: 1240833 (view as bug list)
Environment:
Last Closed: 2015-08-05 09:58:31 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenStack gerrit 198947 None None None Never
Red Hat Product Errata RHEA-2015:1549 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform director Release 2015-08-05 13:49:10 EDT

  None (edit)
Description Steve Baker 2015-07-06 18:55:36 EDT 
In the overcloud heat, heat.conf instance_user is set to heat-admin.

The consequence of this is that SSHing into heat created guest VMs will require the user 'heat-admin'. I predict that this will result in user confusion as to how to SSH into their VMs since they will be attempting default usernames (centos, cloud-user etc) or the documented heat default user (ec2-user)

Upstream, instance_user is deprecated and will be removed in Liberty, meaning image default usernames would be used to SSH into VMs (centos, cloud-user etc).

Overcloud heat should have instance_user set to <empty> now so that default usernames are used. Since heat-admin will cause user confusion, and upstream behaviour will change, I'd like this to be considered a blocker for GA.

Having instance_user set to heat-admin on the undercloud heat *is* appropriate, since we document how operators should ssh into their overcloud nodes.
Comment 4 Steve Baker 2015-07-06 23:29:24 EDT 
Upstream puppet-heat patch: https://review.openstack.org/#/c/197147
Upstream tripleo-heat-templates patch: https://review.openstack.org/#/c/198947/
Comment 10 errata-xmlrpc 2015-08-05 09:58:31 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2015:1549
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.