ironic using public endpoint to configure ipxe template during deployment
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ironic |
Fix Released
|
High
|
James Slagle | ||
tripleo |
Fix Released
|
Critical
|
James Slagle |
Bug Description
ironic is using the public endpoint to configure ipxe template during deployment. it should instead be using the internal endpoint.
this issue was discovered in tripleo-ci where we configure the public endpoint for the baremetal service with ssl. IPA then fails to deploy the instance because the the IPA image we build does not implicitly trust the CA of the configured server certificate used by ironic api/conductor.
I believe I tracked the issue to this commit:
https:/
Particularly, the code in ironic/
http://
the code silently does the wrong thing since it accepts a **kwargs, and ends up defaulting to the public endpoint.
Changed in ironic: | |
status: | New → In Progress |
Changed in ironic: | |
importance: | Undecided → High |
Changed in tripleo: | |
milestone: | none → newton-3 |
Changed in tripleo: | |
status: | In Progress → Fix Released |
patch: https:/ /review. openstack. org/#/c/ 355537/