Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1984968

Summary: Swift-less virtual media based deploy in BMaaS configurations fails with permission issue
Product: Red Hat OpenStack Reporter: Julia Kreger <jkreger>
Component: openstack-ironicAssignee: Steve Baker <sbaker>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 16.1 (Train)CC: sbaker, uemit.seren
Target Milestone: z2Keywords: Triaged
Target Release: 16.2 (Train on RHEL 8.4)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-ironic-13.0.8-2.20211123004901.be7cff6.el8ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-23 22:10:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Julia Kreger 2021-07-22 14:44:20 UTC 
Description of problem:

File permission errors are generated when attempting to access ISO virtual media files mastered for virtual media boot. Customer engineer contacted the upstream development team asking questions regarding Lenovo virtual media hardware compatibility. Since it is not officially documented as supported, and given their environment configuration they ran into some issues, one being the file permission issue. In this particular environment, the customer operates swift which the driver uses by default, however their BMCs are unable to access swift and they are not wanting to make the change to do so, and thus they needed to set [redfish]use_swift=False in the ironic configuration file.

<timeu> after adding the config flag, it tries to download the iso but fails with: PermissionError: [Errno 13] Permission denied: '/var/lib/ironic/httpboot/redfish/boot-01c9e448-b833-4a11-a561-3282b27e1205'
<timeu> seems like that the created redfish directory has some weird permissions: dr-x---r-t. 2 ironic ironic         6 Jul 21 21:33 redfish


Turns out, we already found and fixed this upstream, just never backported it to ?Victoria?, Ussuri, and Train releases of OpenStack.


Version-Release number of selected component (if applicable):

16.1

How reproducible:

Always when attempting to operate virtual media without swift, i.e. setting [redfish]use_swift=False.

Steps to Reproduce:
1. Set [redfish]use_swift=False in ironic.conf
2. Setup node for redfish virtual media based deployment
3. Deploy!

Actual results:

Deployment fails with underlying permission error in the logs. Ramdisk never boots.

Expected results:

Ramdisk boots in order to perform deployment.

Additional info:

Upstream fix which was confirmed to fix this in OCP has already been merged, and just needs to be backported upstream and then downstream where applicable.
Comment 1 Steve Baker 2021-11-17 01:54:00 UTC 
Updating for the proposed train backport
Comment 9 errata-xmlrpc 2022-03-23 22:10:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Release of components for Red Hat OpenStack Platform 16.2.2), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:1001