Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1607941

Summary: Undercloud doesn't provide ipaclient's domain and server hieradata for ipa-client-install and novajoin fails
Product: Red Hat OpenStack Reporter: Federico Iezzi <fiezzi>
Component: instack-undercloudAssignee: James Slagle <jslagle>
Status: CLOSED DUPLICATE QA Contact: Arik Chernetsky <achernet>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 13.0 (Queens)CC: dpeacock, fiezzi, hrybacki, josorior, mburns
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-08-22 14:02:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
undercloud.conf none

Description Federico Iezzi 2018-07-24 15:05:40 UTC 
Description of problem:
Testing TLS-Everywhere, I discovered that undercloud (sorry for not pointing to the specific piece of code), doesn't provide ipaclient::domain and ipaclient::server.

This happens in my specific case having an already installed undercloud, enabling novajoin and performing an undercloud upgrade.

Version-Release number of selected component (if applicable):
OSP13z1 (tested version)

How reproducible:
# openstack undercloud install
configure undercloud for freeipa (novajoin-ipa-setup then proper undercloud.conf configuration)
# openstack undercloud upgrade

Actual results:

grep ipaclient /etc/puppet/hieradata/*
/etc/puppet/hieradata/puppet-stack-config.yaml:ipaclient::password: 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4
/etc/puppet/hieradata/puppet-stack-config.yaml:ipaclient::hostname: undercloud.redhat.local

And during upgrade
2018-07-24 10:17:48,861 INFO: Notice: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: Unable to discover domain, not provided on command line
2018-07-24 10:17:48,862 INFO: Notice: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information
2018-07-24 10:17:48,862 INFO: Error: /usr/sbin/ipa-client-install --password 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4 --mkhomedir --hostname undercloud.redhat.local --unattended returned 1 instead of one of [0]
2018-07-24 10:17:48,862 INFO: Error: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: change from notrun to 0 failed: /usr/sbin/ipa-client-install --password 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4 --mkhomedir --hostname undercloud.redhat.local --unattended returned 1 instead of one of [0]

2018-07-24 10:48:51,199 INFO: Notice: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: Unable to find IPA Server to join
2018-07-24 10:48:51,200 INFO: Notice: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information
2018-07-24 10:48:51,200 INFO: Error: /usr/sbin/ipa-client-install --password 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4 --mkhomedir --domain redhat.local --hostname undercloud.redhat.local --unattended returned 1 instead of one of [0]
2018-07-24 10:48:51,200 INFO: Error: /Stage[main]/Ipaclient/Exec[ipa_installer]/returns: change from notrun to 0 failed: /usr/sbin/ipa-client-install --password 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4 --mkhomedir --domain redhat.local --hostname undercloud.redhat.local --unattended returned 1 instead of one of [0]

Expected results:

grep ipaclient /etc/puppet/hieradata/*                                                                                                                                        
/etc/puppet/hieradata/freeipa.yaml:ipaclient::domain: redhat.local
/etc/puppet/hieradata/freeipa.yaml:ipaclient::server: freeipa.redhat.local
/etc/puppet/hieradata/puppet-stack-config.yaml:ipaclient::password: 9BltdqbXsQM5kML5e0FIhIrOrRCEnSzqv59MRA8MHrj4
/etc/puppet/hieradata/puppet-stack-config.yaml:ipaclient::hostname: undercloud.redhat.local
Comment 1 David Peacock 2018-07-24 17:20:46 UTC 
Hey folks,

We're not quite sure where this fits; if you can take a look at it that would be great please.

Feel free to punt it on (or back) if you're not the rightful owners.

David
Comment 2 Juan Antonio Osorio 2018-08-07 07:07:09 UTC 
Did you set up undercloud_hostname and overcloud_domain_name  with the correct domain?
Comment 3 Federico Iezzi 2018-08-07 07:12:09 UTC 
Hi Juan,

Yes I did that.

# cat undercloud.conf | grep -E "(^undercloud_hostname|^overcloud_domain_name)"
undercloud_hostname = undercloud.redhat.local
overcloud_domain_name = redhat.local
Comment 4 Federico Iezzi 2018-08-07 07:12:46 UTC 
Created attachment 1473858 [details]
undercloud.conf
Comment 5 Juan Antonio Osorio 2018-08-07 07:16:35 UTC 
What's the content of /etc/resolv.conf ?
Comment 6 Federico Iezzi 2018-08-07 07:21:16 UTC 
(In reply to Juan Antonio Osorio from comment #5)
> What's the content of /etc/resolv.conf ?

The environment was created without pointing to the IdM and then manually switched before upgrading.
The content of resolv.conf is not anymore available (as the server used has been reinstalled).

Anyways be aware of this - https://bugzilla.redhat.com/show_bug.cgi?id=1608267
Comment 7 Harry Rybacki 2018-08-15 15:32:51 UTC 
Setting NEEDINFO against Ozz for visibility.
Comment 8 Harry Rybacki 2018-08-22 14:02:08 UTC 
After discussing with Ozz, we have agreed that this is a documentation issue and should be tracked in the RHBZ mentioned in comment#6.

I'm closing this as a DUPLICATE https://bugzilla.redhat.com/show_bug.cgi?id=1608267 -- please re-open this if you feel that is incorrect and need something else addressed.

*** This bug has been marked as a duplicate of bug 1608267 ***