tripleo

tripleo-ui should listen on all interfaces

Bug #1652074 reported by Donny Davis on 2016-12-22

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	tripleo	Expired	Undecided	Unassigned	tripleo stein-2

Bug Description

The Tripleo UI puppet module has the tripleo-ui listen on only the br-ctlplane interface. This is the pxe interface in baremetal deployments may not be accessible from outside the tripleo machine.

https://github.com/openstack/puppet-tripleo/blob/master/manifests/ui.pp

$bind_host = hiera('controller_host'),

This parameter makes the tripleo-ui listen on only br-ctlplane interface.

Tags:

Revision history for this message

Donny Davis (automatikdonn) wrote on 2016-12-22:

Changing the parameter to

$bind_address = undef,

resolves this issue

Emilien Macchi (emilienm) on 2016-12-23

Changed in tripleo:
milestone:	none → ocata-3
importance:	Undecided → Medium
status:	New → Triaged

Julie Pichon (jpichon) on 2017-01-03

tags:

added: ui

Michael Glaser (mikeg451) on 2017-01-10

Changed in tripleo:
assignee:	nobody → Michael Glaser (mikeg451)

Revision history for this message

Dan Trainor (dtrainor) wrote on 2017-01-10:

Digging in to this a little, I discovered that setting bind_host (reported as bind_address in the bug, but I think what Donny meant was "bind_host") to undef will not work for SSL-enabled Undercloud deployments.

The reason for this is that, when an SSL-enabled Undercloud is used, HAProxy listens on both the undercloud_public_vip (a required parameter for SSL-enabled Underclouds) and controller_admin_vip (which is the same as the ctrlplane address when using non-SSL Underclouds). If bind_host gets set to undef, then Apache attempts to listen on *:3000 which conflicts with the port already allocated by HAProxy, causing Apache startup to fail.

I think the best approach to doing this would be to set ui.pp bind_host to undef, and make haproxy only listen on port 443 per the UI container. This would provide a happy path for both SSL-enabled Underclouds (via $undercloud_public_vip:443) and non-SSL Underclouds (via $undercloud_public_vip or the ctrlplane address).

Revision history for this message

Michael Glaser (mikeg451) wrote on 2017-01-12:

Haven't had time to work on this, so will unassign myself to allow someone else to work on it.

Changed in tripleo:
assignee:	Michael Glaser (mikeg451) → nobody

Emilien Macchi (emilienm) on 2017-01-17

Changed in tripleo:
milestone:	ocata-3 → pike-1

Emilien Macchi (emilienm) on 2017-04-11

Changed in tripleo:
milestone:	pike-1 → pike-2

Emilien Macchi (emilienm) on 2017-06-08

Changed in tripleo:
milestone:	pike-2 → pike-3

Emilien Macchi (emilienm) on 2017-07-30

Changed in tripleo:
milestone:	pike-3 → pike-rc1

Emilien Macchi (emilienm) on 2017-07-31

Changed in tripleo:
milestone:	pike-rc1 → queens-1

Alex Schultz (alex-schultz) on 2017-10-04

Changed in tripleo:
milestone:	queens-1 → queens-2

Alex Schultz (alex-schultz) on 2017-11-02

Changed in tripleo:
milestone:	queens-2 → queens-3

Emilien Macchi (emilienm) on 2018-01-26

Changed in tripleo:
milestone:	queens-3 → queens-rc1

Alex Schultz (alex-schultz) on 2018-02-20

Changed in tripleo:
milestone:	queens-rc1 → rocky-1

Alex Schultz (alex-schultz) on 2018-04-20

Changed in tripleo:
milestone:	rocky-1 → rocky-2

Emilien Macchi (emilienm) on 2018-06-05

Changed in tripleo:
milestone:	rocky-2 → rocky-3

Emilien Macchi (emilienm) on 2018-07-26

Changed in tripleo:
milestone:	rocky-3 → rocky-rc1

Emilien Macchi (emilienm) on 2018-07-26

Changed in tripleo:
milestone:	rocky-rc1 → stein-1

Juan Antonio Osorio Robles (juan-osorio-robles) on 2018-10-30

Changed in tripleo:
milestone:	stein-1 → stein-2

Revision history for this message

Emilien Macchi (emilienm) wrote on 2018-12-29: Cleanup EOL bug report

This is an automated cleanup. This bug report has been closed because it
is older than 18 months and there is no open code change to fix this.
After this time it is unlikely that the circumstances which lead to
the observed issue can be reproduced.

If you can reproduce the bug, please:
* reopen the bug report (set to status "New")
* AND add the detailed steps to reproduce the issue (if applicable)
* AND leave a comment "CONFIRMED FOR: <RELEASE_NAME>"
Only still supported release names are valid (FUTURE, PIKE, QUEENS, ROCKY, STEIN).
Valid example: CONFIRMED FOR: FUTURE

Changed in tripleo:
importance:	Medium → Undecided
status:	Triaged → Expired

Revision history for this message

Ruslanas Gzibovskis (lpic) wrote on 2019-09-30:

this is still active :) and reproducible :)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.