Heat doesn't pass user/password to services
Bug #1483841 reported by
Leontii Istomin
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mirantis OpenStack |
Fix Released
|
High
|
Oleksii Chuprykov | ||
7.0.x |
Won't Fix
|
High
|
MOS Maintenance | ||
8.0.x |
Fix Released
|
High
|
Oleksii Chuprykov |
Bug Description
In case when we try to create/delete big Heat stack we can face with issue when keystone token expires and action become to failed state. At the moment (build 7.0-98) we have token expiration time equals to 1 hour. Actions with Heat stacks which take more than 1 hour fails.
We can use "trust" keystone feature to avoid this behavior.
Changed in mos: | |
status: | New → Opinion |
Changed in mos: | |
importance: | Undecided → High |
Changed in mos: | |
status: | Opinion → Confirmed |
tags: | added: heat murano sahara |
tags: | added: done |
tags: |
added: release-notes-done removed: release-notes |
tags: | removed: done |
tags: | added: rn7.0 |
tags: |
added: area-heat removed: heat |
To post a comment you must log in.
We have a same bug in community: https:/ /bugs.launchpad .net/heat/ +bug/1306294
I discussed it with Steven, who responsible to fix it. He promised to finish it in Liberty release.
Unfortunately it's mostly depends on code, which was merged in keystone and heat during L release, and it's quite difficult backport to Kilo.
So I'd suggest to move it to MOS 8.0.
For MOS 7.0 I see two possible solution:
- mark it as Won't Fix and constantly increase token lifetime for scale testing
- add patch to puppets with constant increasing this ^ option.
Note, that this approach is implemented in Tripleo project (token expiration time is 4 hour for them)
Dina, I need your answer about preferable solution?