Fuel for OpenStack

Keystone catalog uses IP address instead DNS name for Keystone when public TLS enabled

Bug #1539545 reported by Stanislaw Bogatkin on 2016-01-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Released	High	Stanislaw Bogatkin	Fuel for OpenStack 9.0
	8.0.x	Fix Released	High	Stanislaw Bogatkin	Fuel for OpenStack 8.0

Bug Description

Fuel 8-9.
Steps to reproduce:
1. Create env, enable TLS for public endpoints in settings.
2. Add one controller, one compute.
3. Deploy.

Deploy will successful, but there is expected to have DNS name for all endpoints in keystone catalog. Instead of this we have all public endpoints as DNS name but keystone have IP address in catalog. We should fix this.
http://paste.openstack.org/show/485595/

See original description

Tags:

Dmitry Klenov (dklenov) on 2016-01-29

tags:

added: area-library

Ivan Ponomarev (ivanzipfer) on 2016-01-29

Changed in fuel:
status:	New → Confirmed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-01-29: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/274060

Changed in fuel:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-01-29: Fix proposed to fuel-library (stable/8.0)

Fix proposed to branch: stable/8.0
Review: https://review.openstack.org/274139

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-01-29: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/274060
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=9e8aeea447b0cb40f0092d6e3d8b7409cf25578a
Submitter: Jenkins
Branch: master

commit 9e8aeea447b0cb40f0092d6e3d8b7409cf25578a
Author: Stanislaw Bogatkin <email address hidden>
Date: Fri Jan 29 16:20:25 2016 +0300

Give keystone opportunity to use public_ssl_hash for get hostname

Keystone should use public ssl hash to give right hostname for case
with enabled TLS public endpoints.

Change-Id: I60196e2db2177aaca083c13b69c9223e121b4e6c
Closes-Bug: #1539545

Changed in fuel:
status:	In Progress → Fix Committed

Matthew Mosesohn (raytrac3r) on 2016-02-01

tags:

added: team-bugfix

Tatyanka (tatyana-leontovich) on 2016-02-01

description:

updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-02-01: Fix merged to fuel-library (stable/8.0)

Reviewed: https://review.openstack.org/274139
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=c788ba3673edd1bc3799fc1db8f7f09aada5d1cd
Submitter: Jenkins
Branch: stable/8.0

commit c788ba3673edd1bc3799fc1db8f7f09aada5d1cd
Author: Stanislaw Bogatkin <email address hidden>
Date: Fri Jan 29 16:20:25 2016 +0300

Give keystone opportunity to use public_ssl_hash for get hostname

Keystone should use public ssl hash to give right hostname for case
with enabled TLS public endpoints.

Change-Id: I60196e2db2177aaca083c13b69c9223e121b4e6c
Closes-Bug: #1539545

Anastasia Palkina (apalkina) on 2016-02-05

tags:

added: on-verification

Anastasia Palkina (apalkina) on 2016-02-08

tags:

removed: on-verification

Mikhail Samoylov (msamoylov) on 2016-02-12

tags:

added: on-verification

Revision history for this message

Mikhail Samoylov (msamoylov) wrote on 2016-02-12:

Verified in fuel version:

Steps to reproduce:
1. Create env, enable TLS for public endpoints in settings.
2. Add one controller, one compute.
3. Deploy.
4. SSH to controller node
5. Connect to mysql: mysql
6. Connect to keystone db from mysql: use keystone;
7. Check that Domain Name sets for keystone the same that was on step 1.
http://paste.openstack.org/show/486821/

Actual result:
No ip address in output on step 7
Expected result:
No ip address in output on step 7

Fuel version:
VERSION:
  feature_groups:
    - mirantis
  production: "docker"
  release: "8.0"
  api: "1.0"
  build_number: "529"
  build_id: "529"
  fuel-nailgun_sha: "baec8643ca624e52b37873f2dbd511c135d236d9"
  python-fuelclient_sha: "4f234669cfe88a9406f4e438b1e1f74f1ef484a5"
  fuel-agent_sha: "658be72c4b42d3e1436b86ac4567ab914bfb451b"
  fuel-nailgun-agent_sha: "b2bb466fd5bd92da614cdbd819d6999c510ebfb1"
  astute_sha: "b81577a5b7857c4be8748492bae1dec2fa89b446"
  fuel-library_sha: "e2d79330d5d708796330fac67722c21f85569b87"
  fuel-ostf_sha: "3bc76a63a9e7d195ff34eadc29552f4235fa6c52"
  fuel-mirror_sha: "fb45b80d7bee5899d931f926e5c9512e2b442749"
  fuelmenu_sha: "e071216cb214e34b4d861478033425ee6a54a3be"
  shotgun_sha: "63645dea384a37dde5c01d4f8905566978e5d906"
  network-checker_sha: "a43cf96cd9532f10794dce736350bf5bed350e9d"
  fuel-upgrade_sha: "616a7490ec7199f69759e97e42f9b97dfc87e85b"
  fuelmain_sha: "a365f05b903368225da3fea9aa42afc1d50dc9b4"

tags:

removed: on-verification

ElenaRossokhina (esolomina) on 2016-05-16

tags:

added: on-verification

Revision history for this message

ElenaRossokhina (esolomina) wrote on 2016-05-16:

Verified on 9.0-324 (steps from #5)
cat /etc/fuel_build_id:
324
cat /etc/fuel_build_number:
324
cat /etc/fuel_release:
9.0
cat /etc/fuel_openstack_version:
mitaka-9.0
rpm -qa | egrep 'fuel|astute|network-checker|nailgun|packetary|shotgun':
fuel-release-9.0.0-1.mos6344.noarch
fuel-provisioning-scripts-9.0.0-1.mos8682.noarch
network-checker-9.0.0-1.mos72.x86_64
fuel-mirror-9.0.0-1.mos135.noarch
fuel-openstack-metadata-9.0.0-1.mos8682.noarch
fuel-notify-9.0.0-1.mos8356.noarch
fuel-ostf-9.0.0-1.mos934.noarch
python-fuelclient-9.0.0-1.mos314.noarch
fuelmenu-9.0.0-1.mos270.noarch
fuel-9.0.0-1.mos6344.noarch
fuel-utils-9.0.0-1.mos8356.noarch
fuel-nailgun-9.0.0-1.mos8682.noarch
rubygem-astute-9.0.0-1.mos742.noarch
fuel-library9.0-9.0.0-1.mos8356.noarch
shotgun-9.0.0-1.mos88.noarch
fuel-agent-9.0.0-1.mos276.noarch
fuel-ui-9.0.0-1.mos2682.noarch
fuel-setup-9.0.0-1.mos6344.noarch
nailgun-mcagents-9.0.0-1.mos742.noarch
fuel-misc-9.0.0-1.mos8356.noarch
python-packetary-9.0.0-1.mos135.noarch
fuel-bootstrap-cli-9.0.0-1.mos276.noarch
fuel-migrate-9.0.0-1.mos8356.noarch

tags:	removed: on-verification
Changed in fuel:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.