Bug 1283004 - ansible should change the ca filepath if certificate contains 'names' key
ansible should change the ca filepath if certificate contains 'names' key
Status: CLOSED ERRATA
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer (Show other bugs)
3.1.0
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Andrew Butcher
Ma xiaoqiang
: UpcomingRelease
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-17 21:28 EST by Ma xiaoqiang
Modified: 2016-07-03 20:46 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The advanced installation configuration option 'openshift_master_named_certificates' did not properly set the correct path when installing provided certificates on your masters. This error has been corrected.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-17 16:19:39 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ma xiaoqiang 2015-11-17 21:28:33 EST
Description of problem:
ansible should change the ca filepath if certificate contains 'names' key

Version-Release number of selected component (if applicable):
https://github.com/abutcher/openshift-ansible namedCertRefactor

How reproducible:
Always


Steps to Reproduce:

1. Install env with custom certificate
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{"certfile": "/home/jenkins3/workspace/custom2.crt", "keyfile": "/home/jenkins3/workspace/custom2.key", "names": ["test.redhat.com"]}, {"certfile": "/home/jenkins3/workspace/OSE_V3_Ansible_Installer/custom3.crt", "keyfile": "/home/jenkins3/workspace/OSE_V3_Ansible_Installer/custom3.key"}]


Actual results:
TASK: [openshift_master | Start and enable master api] ************************ 
failed: [10.66.79.136] => {"failed": true}
msg: Job for atomic-openshift-master-api.service failed because the control process exited with error code. See "systemctl status atomic-openshift-master-api.service" and "journalctl -xe" for details.

Fail to start master service

check the master configuation 
  namedCertificates:
  - certFile: /home/jenkins3/workspace/custom2.crt
    keyFile: /home/jenkins3/workspace/custom2.key
    names:
    - "test.redhat.com"
  - certFile: /etc/origin/master/named_certificates/custom3.crt
    keyFile: /etc/origin/master/named_certificates/custom3.key
    names:
    - "custom3.test.com"
Did not change the certificate filepath

Expected results:
should change the certificate filepath

Additional info:
Comment 1 Andrew Butcher 2015-11-18 09:15:44 EST
Proposed fix is here: https://github.com/openshift/openshift-ansible/pull/881
Comment 2 Ma xiaoqiang 2015-11-18 20:40:10 EST
Get expected result, move it to VERIFIED
Comment 4 errata-xmlrpc 2015-12-17 16:19:39 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2015:2667

Note You need to log in before you can comment on or make changes to this bug.