Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1608267

Summary:	TLS-Everywhere - Docs missing undercloud DNS
Product:	Red Hat OpenStack	Reporter:	Federico Iezzi <fiezzi>
Component:	documentation	Assignee:	Martin Lopes <mlopes>
Status:	CLOSED CURRENTRELEASE	QA Contact:	RHOS Documentation Team <rhos-docs>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	13.0 (Queens)	CC:	fiezzi, josorior, mburns, srevivo
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2019-10-14 14:45:55 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Federico Iezzi 2018-07-25 08:41:25 UTC

Description of problem:

novajoin-notify.service fails to start after undercloud install (enabling novajoin) due to the following issue
dns.resolver.NXDOMAIN: The DNS query name does not exist: _ldap._tcp.<domain>

It happens because the documentation doesn't mention that undercloud needs FreeIPA DNS too.

Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: Traceback (most recent call last):
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/bin/novajoin-notify", line 6, in <module>
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: from novajoin.notifications import main
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/novajoin/notifications.py", line 28, in <module>
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: from novajoin import join
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/novajoin/join.py", line 79, in <module>
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: class JoinController(Controller):
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/novajoin/join.py", line 81, in JoinController
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: def __init__(self, ipaclient=IPAClient()):
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/novajoin/ipa.py", line 67, in __init__
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: api.finalize()
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 714, in finalize
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: self.__do_if_not_done('load_plugins')
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 421, in __do_if_not_done
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: getattr(self, name)()
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 592, in load_plugins
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: for package in self.packages:
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/__init__.py", line 948, in packages
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: ipaclient.remote_plugins.get_package(self),
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/__init__.py", line 126, in get_package
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: plugins = schema.get_package(server_info, client)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 537, in get_package
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: schema = Schema(client)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 385, in __init__
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: fingerprint, ttl = self._fetch(client, ignore_cache=read_failed)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 397, in _fetch
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: client.connect(verbose=False)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 66, in connect
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: conn = self.create_connection(*args, **kw)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1001, in create_connection
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: urls = self.get_url_list(rpc_uri)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 856, in get_url_list
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: answers = resolver.query(name, rdatatype.SRV)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/eventlet/support/dns/resolver.py", line 1132, in query
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: raise_on_no_answer, source_port)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: File "/usr/lib/python2.7/site-packages/eventlet/support/dns/resolver.py", line 1051, in query
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: raise NXDOMAIN(qnames=qnames_to_try, responses=nxdomain_responses)
Jul 24 11:02:14 undercloud.redhat.local novajoin-notify[22445]: dns.resolver.NXDOMAIN: The DNS query name does not exist: _ldap._tcp.redhat.local.

Comment 1 Juan Antonio Osorio 2018-08-22 13:20:09 UTC

So, from the docs:

https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html/advanced_overcloud_customization/sect-enabling_internal_ssltls_on_the_overcloud

section 13.2.5 mentions one should fill in the FreeIPA IP address on the undercloud_nameserver parameter in undercloud.conf. Is there anything else you think we should add there that would make it more apparent that the undercloud should point to FreeIPA as a nameserver?

Comment 2 Harry Rybacki 2018-08-22 14:02:08 UTC

*** Bug 1607941 has been marked as a duplicate of this bug. ***

Comment 3 Federico Iezzi 2018-08-22 14:53:38 UTC

It's possible during the OSP13 hackfest I didn't see section 13.2.5, if that's the case I'm sorry for the misunderstanding.
If on the other hand, in the meantime documentation got updated, I believe it's very clear.

Comment 4 Martin Lopes 2019-10-14 14:45:55 UTC

As per comment 3, it looks like this can be closed. Please let me know if there was anything else needed here.