Bug 1736752
| Summary: | TLS everywhere in place upgrade fails on overcloud.AllNodesDeploySteps.ControllerDeployment_Step3 | |||
|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Jeremy Agee <jagee> | |
| Component: | openstack-tripleo-heat-templates | Assignee: | Ade Lee <alee> | |
| Status: | CLOSED ERRATA | QA Contact: | Sasha Smolyak <ssmolyak> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | 13.0 (Queens) | CC: | broose, emacchi, marjones, mburns, pkesavar, rmascena | |
| Target Milestone: | z8 | Keywords: | Triaged, ZStream | |
| Target Release: | 13.0 (Queens) | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | openstack-tripleo-heat-templates-8.3.1-69.el7ost | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1737103 (view as bug list) | Environment: | ||
| Last Closed: | 2019-09-03 16:55:57 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1737103 | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2624 |
Description of problem: When doing a Brownfield TLS everywhere upgrade the overcloud deploy fails. Version-Release number of selected component (if applicable): Steps to Reproduce: 1. upgrade the undercloud to enable novajoin. undercloud.conf [DEFAULT] # BEGIN TLS EVERYWHERE SETTINGS --> enable_novajoin = True ipa_otp = 9Yx7dnbFEIvGPZ0X7MS4x02WDNaBL4G3JR8w3vsjB0p4 undercloud_hostname = undercloud-0.redhat.local undercloud_nameservers = 10.0.0.37 overcloud_domain_name = redhat.local # END TLS EVERYWHERE SETTINGS --> openstack undercloud install 2. upgrade the overcloud to enable tls everywhere Description of problem: When doing a Brownfield TLS everywhere upgrade the overcloud deploy fails. Version-Release number of selected component (if applicable): Steps to Reproduce: 1. upgrade the undercloud to enable novajoin. undercloud.conf [DEFAULT] # BEGIN TLS EVERYWHERE SETTINGS --> enable_novajoin = True ipa_otp = 9Yx7dnbFEIvGPZ0X7MS4x02WDNaBL4G3JR8w3vsjB0p4 undercloud_hostname = undercloud-0.redhat.local undercloud_nameservers = 10.0.0.37 overcloud_domain_name = redhat.local # END TLS EVERYWHERE SETTINGS --> openstack undercloud install 2. upgrade the overcloud to enable tls everywhere openstack overcloud deploy \ --timeout 130 \ --templates /usr/share/openstack-tripleo-heat-templates \ --stack overcloud \ --libvirt-type kvm \ --ntp-server 10.0.0.37 \ -e /home/stack/virt/config_lvm.yaml \ -e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml \ -e /home/stack/virt/network/network-environment.yaml \ -e /home/stack/virt/enable-tls.yaml \ -e /home/stack/virt/inject-trust-anchor.yaml \ -e /home/stack/virt/public_vip.yaml \ -e /home/stack/virt/cloud-names.yaml \ -e /home/stack/virt/hostnames.yml \ -e /home/stack/virt/nodes_data.yaml \ -e /home/stack/virt/docker-images.yaml \ -e /usr/share/openstack-tripleo-heat-templates/environments/ssl/tls-everywhere-endpoints-dns.yaml \ -e /usr/share/openstack-tripleo-heat-templates/environments/services/haproxy-internal-tls-certmonger.yaml \ -e /usr/share/openstack-tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml \ --log-file overcloud_deployment_41.log 2019-07-25 16:32:47Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.2]: UPDATE_IN_PROGRESS state changed 2019-07-25 16:32:48Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.1]: UPDATE_IN_PROGRESS state changed 2019-07-25 16:33:37Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ComputeDeployment_Step3-6h4enzzxk66b.1]: SIGNAL_IN_PROGRESS Signal: deployment 8bfa71b2-2ca7-49e9-b16b-621c5b155688 succeeded 2019-07-25 16:33:38Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ComputeDeployment_Step3-6h4enzzxk66b.1]: UPDATE_COMPLETE state changed 2019-07-25 16:33:48Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ComputeDeployment_Step3-6h4enzzxk66b.0]: SIGNAL_IN_PROGRESS Signal: deployment 8fdb99a9-6726-423c-a4da-7401a5ddbfaa succeeded 2019-07-25 16:33:49Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ComputeDeployment_Step3-6h4enzzxk66b.0]: UPDATE_COMPLETE state changed 2019-07-25 16:33:49Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ComputeDeployment_Step3-6h4enzzxk66b]: UPDATE_COMPLETE Stack UPDATE completed successfully 2019-07-25 16:33:50Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu.ComputeDeployment_Step3]: UPDATE_COMPLETE state changed 2019-07-25 16:34:12Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.1]: SIGNAL_IN_PROGRESS Signal: deployment 93875ebd-b8b7-480e-9f4c-f54547be1d45 succeeded 2019-07-25 16:34:13Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.1]: UPDATE_COMPLETE state changed 2019-07-25 16:34:15Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.2]: SIGNAL_IN_PROGRESS Signal: deployment a8def5a3-3b36-4e30-891b-28cada1fbd40 succeeded 2019-07-25 16:34:15Z [overcloud-AllNodesDeploySteps-crpvtqxtvypu-ControllerDeployment_Step3-6h3vnntn22jm.2]: UPDATE_COMPLETE state changed Stack overcloud UPDATE_FAILED overcloud.AllNodesDeploySteps.ControllerDeployment_Step3: resource_type: OS::TripleO::DeploymentSteps physical_resource_id: b8f266c9-76aa-4e20-a9de-7272c95dac6c status: UPDATE_FAILED status_reason: | resources.ControllerDeployment_Step3: Stack UPDATE cancelled Heat Stack update failed. Heat Stack update failed. How reproducible: always Actual results: The upgrade deployment fails on the overcloud.AllNodesDeploySteps.ControllerDeployment_Step3 step. Expected results: All nodes enroll in IPA and the overcloud upgrade is successful. Additional info: