1889454 – Container restarts don't remove stale container files

Bug 1889454 - Container restarts don't remove stale container files

Summary: Container restarts don't remove stale container files

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	puppet-tripleo
Sub Component:
Version:	16.1 (Train)
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	async
Target Release:	16.1 (Train on RHEL 8.2)
Assignee:	OSP Team
QA Contact:	David Rosenfeld
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-10-19 17:26 UTC by Lance Bragstad
Modified:	2023-02-14 09:35 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-08-11 17:31:09 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
OpenStack gerrit	756874	0	None	ABANDONED	Switch purge on for /etc/keystone/domains	2022-08-11 17:28:45 UTC
Red Hat Issue Tracker	OSP-153	0	None	None	None	2022-08-11 17:32:54 UTC

Description Lance Bragstad 2020-10-19 17:26:16 UTC

Description of problem:


TripleO allows users to configure domain-specific backends via the KeystoneLDAPBackendConfigs THT parameter. These options end up being configuration values in a file mounted into the container (/etc/keystone/domain/keystone.$DOMAIN.conf).

If the end users attempts to remove the configuration file by renaming it on the host and restarting the container, the original file is still present in the container.


How reproducible:

100%

Steps to Reproduce:
1. Deploy the overcloud with a domain-specific backend
2. Update the domain configuration file on the controller to a different name (/var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/keystone.AD.conf.bak).
3. Restart the keystone container
4. View the /etc/keystone/domains directory and verify the original domain configuration file is still present

Actual results:

The /etc/keystone/domains directory in the container contains stale configuration files.

Expected results:

The contents of /etc/keystone/domains maps to /var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/

Comment 2 Lance Bragstad 2020-10-19 17:28:13 UTC

I talked to the tripleo community and we tried a quick patch to see if if helped [0], but it was unsuccessful in removing stale files.

We may be able to pick-up this approach and iterate on it, though.

[0] https://review.opendev.org/#/c/756874/

Note You need to log in before you can comment on or make changes to this bug.