when adding a cell into a tls-everywhere environment also the cellcontroller internal api vip is required to be added to the central overcloud controllers because when using a tls-everywhere environment nova uses the cell controller internal api hostname instead of the vip to connect to the cell DB. Reported by: rhn-support-mschuppe https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html/instances_and_images_guide/ch-manage_cells#annotations:e368511f-31c0-4bf1-9b19-eb91543ef839
instead of: CELL_INTERNALAPI_INFO=$(ssh heat-admin@${CELL_CTRL_IP} egrep cellcontrol.*\.internalapi /etc/hosts) it should be: CELL_INTERNALAPI_INFO=$(ssh heat-admin@${CELL_CTRL_IP} egrep cell1.*\.internalapi /etc/hosts) Where cell1 is the prefix to identify only the cell systems and exclude the central controller systems.
We also have to replace in step 3 CELL_MYSQL_VIP to get either the IP or the endpoint hostname: current: (undercloud) [stack@undercloud ~]$ CELL_MYSQL_VIP=$(ssh heat-admin@${CELL_CTRL_IP} sudo \ crudini --get /var/lib/config-data/nova/etc/nova/nova.conf database connection \ | perl -nle'/(\d+\.\d+\.\d+\.\d+)/ && print $1') should be: (undercloud) [stack@undercloud ~]$ CELL_MYSQL_VIP=$(ssh heat-admin@${CELL_CTRL_IP} sudo \ crudini --get /var/lib/config-data/nova/etc/nova/nova.conf database connection \ | awk -F[@/] '{print $4}'
Updated content available on the Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html-single/configuring_the_compute_service_for_instance_creation/index#creating-and-provisioning-a-cell-osp