Description of problem: While testing the IPv6 versions of the isolated network TripleO heat templates from this patch (https://review.openstack.org/#/c/235423/), I found that the URLs generated by the Heat templates are not correctly formatted for IPv6 addresses. For instance, if IPv6 addresses are used for the VIP addresses, you end up with URLs like this in the Puppet Hieradata on the controller: controller.yaml:ceilometer::agent::auth::auth_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0 For IPv6 addresses in URLs, the IP should be enclosed in square brackets, like this: controller.yaml:ceilometer::agent::auth::auth_url: http://[fd00:fd00:fd00:2000:f816:3eff:feea:2430]:5000/v2.0 Version-Release number of selected component (if applicable): OSP 8.0 beta 1 How reproducible: 100% Steps to Reproduce: 1. Deploy with IPv6 isolated networks 2. 3. Actual results: Deployment will fail with a Puppet error currently, but looking at the Hieradata on the controllers, I can see a lot of URLs that are formatted incorrectly: [root@overcloud-controller-0 hieradata]# grep fd00 * | grep "://" controller.yaml:ceilometer::agent::auth::auth_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0 controller.yaml:ceilometer::agent::central::coordination_url: redis://fd00:fd00:fd00:2000:f816:3eff:fef6:3820:6379 controller.yaml:ceilometer::api::keystone_auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:ceilometer_mysql_conn_string: mysql://ceilometer:unset@fd00:fd00:fd00:2000:f816:3eff:feea:2430/ceilometer controller.yaml:cinder::api::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:cinder::database_connection: mysql://cinder:3b5c45836f5fcae1538630721d976b1070012b7f@fd00:fd00:fd00:2000:f816:3eff:feea:2430/cinder controller.yaml:cinder::glance::glance_api_servers: http://fd00:fd00:fd00:3000:f816:3eff:fe6c:bdcd:9292 controller.yaml:glance::api::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:glance::api::database_connection: mysql://glance:bad73578501498d1930d5523f87409e0240acc72@fd00:fd00:fd00:2000:f816:3eff:feea:2430/glance controller.yaml:glance::backend::swift::swift_store_auth_address: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0 controller.yaml:glance::registry::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:glance::registry::database_connection: mysql://glance:bad73578501498d1930d5523f87409e0240acc72@fd00:fd00:fd00:2000:f816:3eff:feea:2430/glance controller.yaml:heat::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:heat::database_connection: mysql://heat:933fe07227d9f91d2fc6cc08c4ba4d186f6b7eae@fd00:fd00:fd00:2000:f816:3eff:feea:2430/heat controller.yaml:heat::engine::heat_metadata_server_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:8000 controller.yaml:heat::engine::heat_waitcondition_server_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:8000/v1/waitcondition controller.yaml:heat::engine::heat_watch_server_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:8003 controller.yaml:heat::keystone_ec2_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ec2tokens controller.yaml:horizon::keystone_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:keystone::database_connection: mysql://keystone:54cb5591cd7bff13ff96818678a15d70f18a81d9@fd00:fd00:fd00:2000:f816:3eff:feea:2430/keystone controller.yaml:neutron::server::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:neutron::server::database_connection: mysql://neutron:6f2bd4548e3cc64ae5da05a26ee8a8c91081c8bf@fd00:fd00:fd00:2000:f816:3eff:feea:2430/ovs_neutron?charset=utf8 controller.yaml:neutron_dsn: mysql://neutron:6f2bd4548e3cc64ae5da05a26ee8a8c91081c8bf@fd00:fd00:fd00:2000:f816:3eff:feea:2430/ovs_neutron?charset=utf8 controller.yaml:nova::api::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ controller.yaml:nova::database_connection: mysql://nova:9f94295091a6be6309ce0dd19d29c9c5dac72fea@fd00:fd00:fd00:2000:f816:3eff:feea:2430/nova controller.yaml:nova::glance_api_servers: http://fd00:fd00:fd00:3000:f816:3eff:fe6c:bdcd:9292 controller.yaml:nova::network::neutron::neutron_url: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:9696 controller.yaml:swift::proxy::authtoken::auth_uri: http://fd00:fd00:fd00:2000:f816:3eff:feea:2430:5000/v2.0/ Expected results: The URLs will need to have square brackets around the URLs in order to be correct. We either need to develop a way to produce the URLs correctly in Heat (conditional parameters?), or we need to address this in the Puppet modules and rewrite the URLs before they get committed to a configuration file. Additional info: RFC 2732 - Format for Literal IPv6 Addresses in URL's - https://www.ietf.org/rfc/rfc2732.txt
Could you please indicate which component is involved in generating the faulty Hiera data? The component in question which is generating the url, effectively needs to detect when an ipv6 is involved (instead of an ipv6 or a simply a hostname) to add the brackets.
Sorry in comment 2, I meant (instead of an ipv4 or simply a hostname)
Here is the current plan for addressing this bug: I am going to modify the TripleO Heat Templates such that the port objects return not only an IP address, but also an IP address suitable for use in URLs. The IPv4 version of the ports will return a raw IPv4 address, but the IPv6 version of the ports will return a bracketed IPv6 address for the same property. I will then modify the parameters that construct a URL to use the new property, so URLs will contain brackets when using IPv6.
This bug is fixed upstream. The changes were mostly in the EndpointMap nested stack. We now populate both the raw IP and the bracketed IP in the VipMap for IPv6 endpoints. The VipMap feeds the EndpointMap, but the bracketed IPs are used in the case of IPv6. With these changes, the URLs output by the EndpointMap have the brackets, while the values with raw IPs do not have brackets. Example of Puppet hieradata after the change: ceph.yaml:ceph::profile::params::public_network: fd00:fd00:fd00:3000:f816:3eff:fe48:6ecd/64 controller.yaml:apache::ip: fd00:fd00:fd00:2000:f816:3eff:fe80:f5bf controller.yaml:ceilometer::agent::auth::auth_url: http://[fd00:fd00:fd00:2000:f816:3eff:fe68:10b5]:5000/v2.0 controller.yaml:ceilometer::agent::central::coordination_url: redis://[fd00:fd00:fd00:2000:f816:3eff:fe06:a3a8]:6379 controller.yaml:ceilometer::api::host: fd00:fd00:fd00:2000:f816:3eff:fe80:f5bf controller.yaml:ceilometer::api::keystone_auth_uri: http://[fd00:fd00:fd00:2000:f816:3eff:fe68:10b5]:5000/v2.0 Since the URLs now contain brackets, this bug has been fixed upstream. Once the IPv6 Heat templates are merged downstream, this bug can be closed.
This bug was fixed in a variety of places. A change to the main IPv6 TripleO Heat templates (modifying EndpointMap) fixed some of the URLs, but there were patches to several different OpenStack Puppet Modules that fixed the rest. This bug was more of a general issue than a specific code problem.
I tried to deploy an overcloud with IPv6 isolated networks; deployment failed, but all the URLs containing IPv6 addresses in the hieradata on overcloud-controller-0 have square brackets around the IPv6 addresses.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0637.html