Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1510419 - [osp12] cannot use enable-internal-tls.yaml due to /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml doesn't exist
[osp12] cannot use enable-internal-tls.yaml due to /usr/share/openstack-tripl...
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-tripleoclient (Show other bugs)
12.0 (Pike)
x86_64 Linux
high Severity high
: rc
: 12.0 (Pike)
Assigned To: Martin André
Artem Hrechanychenko
: ReleaseNotes, Triaged
: 1512553 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-11-07 06:41 EST by Artem Hrechanychenko
Modified: 2018-02-05 14:15 EST (History)
9 users (show)

See Also:
Fixed In Version: python-tripleoclient-7.3.3-4.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-12-13 17:19:18 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1730650 None None None 2017-11-07 06:43 EST
OpenStack gerrit 518688 None None None 2017-11-09 07:58 EST
OpenStack gerrit 519343 None None None 2017-11-13 08:18 EST
Red Hat Product Errata RHEA-2017:3462 normal SHIPPED_LIVE Red Hat OpenStack Platform 12.0 Enhancement Advisory 2018-02-15 20:43:25 EST

  None (edit)
Description Artem Hrechanychenko 2017-11-07 06:41:32 EST 
Description of problem:

TASK [containerized_deployment : Create /home/stack/templates/container_images.yaml to upload to local registry] ***
10:58:36 fatal: [undercloud-0]: FAILED! => {
10:58:36     "changed": true,
10:58:36     "cmd": "openstack overcloud container image prepare --namespace docker-registry.engineering.redhat.com/rhosp12 --tag 20171103.1 --prefix openstack --suffix docker --set ceph_namespace=docker-registry.engineering.redhat.com/ceph --set ceph_image=rhceph-2-rhel7 --set ceph_tag=latest  -e /usr/share/openstack-tripleo-heat-templates/environments/ceph-ansible/ceph-ansible.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/tls-everywhere-endpoints-dns.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/services/haproxy-public-tls-certmonger.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/enable-internal-tls.yaml -e /home/stack/cloud-names.yaml -e /home/stack/virt/network/network-environment.yaml > /home/stack/templates/container_images.yaml",
10:58:36     "delta": "0:00:00.644325",
10:58:36     "end": "2017-11-07 05:58:35.491117",
10:58:36     "failed": true,
10:58:36     "rc": 1,
10:58:36     "start": "2017-11-07 05:58:34.846792"
10:58:36 }
10:58:36
10:58:36 STDERR:
10:58:36
10:58:36 Could not fetch contents for file:///usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml
10:58:36 

[stack@undercloud-0 ~]$ cat /usr/share/openstack-tripleo-heat-templates/environments/enable-internal-tls.yaml
# ********************************************************************************
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml
# instead.
# ********************************************************************************
# A Heat environment file which can be used to enable a
# a TLS for in the internal network via certmonger
parameter_defaults:
  EnableInternalTLS: true
  RabbitClientUseSSL: true

  # Required for novajoin to enroll the overcloud nodes
  ServerMetadata:
    ipa_enroll: True

resource_registry:
  OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml

  OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml

  # We use apache as a TLS proxy
  OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml

  # Creates nova metadata that will create the extra service principals per
  # node.
  OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
[stack@undercloud-0 ~]$ cat /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml
cat: /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml: No such file or directory


Version-Release number of selected component (if applicable):
openstack-tripleo-heat-templates-7.0.3-0.20171023134948.el7ost.noarch

How reproducible:
always

Steps to Reproduce:
1.deploy undercloud 
2.openstack overcloud container image prepare --namespace docker-registry.engineering.redhat.com/rhosp12 --tag 20171103.1 --prefix openstack --suffix docker --set ceph_namespace=docker-registry.engineering.redhat.com/ceph --set ceph_image=rhceph-2-rhel7 --set ceph_tag=latest  -e /usr/share/openstack-tripleo-heat-templates/environments/ceph-ansible/ceph-ansible.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/tls-everywhere-endpoints-dns.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/services/haproxy-public-tls-certmonger.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/enable-internal-tls.yaml -e /home/stack/cloud-names.yaml -e /home/stack/virt/network/network-environment.yaml > /home/stack/templates/container_images.yaml

3.

Actual results:
/usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml doesn't exist 

Expected results:
container_images.yaml was generate

Additional info:
Comment 2 Juan Antonio Osorio 2017-11-07 07:00:55 EST 
Seems that the issue is caused by the tripleo-common not rendering the /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.j2.yaml .

I'm not acquainted with that code and can't seem to follow it :/. Steven, could you take a look?
Comment 3 Artem Hrechanychenko 2017-11-08 09:52:12 EST 
w/a is do not add enable-internal-tls.yaml to prepare command
Comment 5 Martin André 2017-11-13 08:18:26 EST 
Stable/pike backport proposed at https://review.openstack.org/519343
Comment 6 Martin André 2017-11-14 10:51:35 EST 
Stable/pike backport merge, proposed downstream rhos-12.0-patches patch at https://code.engineering.redhat.com/gerrit/123219 to speed up inclusion in OSP12.
Comment 7 Marian Krcmarik 2017-11-16 08:48:26 EST 
*** Bug 1512553 has been marked as a duplicate of this bug. ***
Comment 9 Artem Hrechanychenko 2017-11-20 03:25:15 EST 
VERIFIED

[stack@undercloud-0 ~]$ rpm -q python-tripleoclient
python-tripleoclient-7.3.3-4.el7ost.noarch


[stack@undercloud-0 ~]$ ls /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml 
ls: cannot access /usr/share/openstack-tripleo-heat-templates/extraconfig/nova_metadata/krb-service-principals.yaml: No such file or directory

[stack@undercloud-0 ~]$ openstack overcloud container image prepare --namespace docker-registry.engineering.redhat.com/rhosp12 --tag 20171116.1 --prefix openstack --suffix docker --set ceph_namespace=docker-registry.engineering.redhat.com/ceph --set ceph_image=rhceph-2-rhel7 --set ceph_tag=latest  -e /usr/share/openstack-tripleo-heat-templates/environments/ceph-ansible/ceph-ansible.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/tls-everywhere-endpoints-dns.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/services/haproxy-public-tls-certmonger.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/enable-internal-tls.yaml -e /home/stack/cloud-names.yaml -e /home/stack/virt/network/network-environment.yaml > container_images_test.yaml
[stack@undercloud-0 ~]$ echo $?
0
Comment 12 errata-xmlrpc 2017-12-13 17:19:18 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.