Bug #1668618 “overcloud nodes on RHEL need direct network access...” : Bugs : tripleo

Revision history for this message

Julie Pichon (jpichon) wrote on 2017-02-28:

#1

https://review.openstack.org/#/c/437247/

James Slagle (james-slagle) on 2017-02-28

tags:	added: ocata-backport-potential
Changed in tripleo:
assignee:	nobody → Emilien Macchi (emilienm)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-03-01: Fix merged to tripleo-heat-templates (stable/ocata)

#2

Reviewed: https://review.openstack.org/438961
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=f0d6c7b6ed9a8b03733b4c913fdbaa403e0aad7b
Submitter: Jenkins
Branch: stable/ocata

commit f0d6c7b6ed9a8b03733b4c913fdbaa403e0aad7b
Author: Vincent S. Cojot <email address hidden>
Date: Wed Feb 22 23:50:05 2017 -0500

Adds http proxy support for registering RHEL overcloud nodes

It is quite common in large entreprises that direct HTTP/HTTPS to the outside
world is denied from nodes/systems but reaching out through a proxy is allowed.

    This change adds support for an HTTP proxy when RHEL overcloud nodes reach
    out to either the RHSM portal or to a satellite server. This allows the
    overcloud nodes to download updates even in locked-down environments.

    The following variables are settable through templates:
      rhel_reg_http_proxy_host:
      rhel_reg_http_proxy_port:
      rhel_reg_http_proxy_username:
      rhel_reg_http_proxy_password:

    Note the following restrictions:
      - If setting rhel_reg_http_proxy_host,
        then rhel_reg_http_proxy_port cannot be empty.
      - If setting rhel_reg_http_proxy_port,
        then rhel_reg_http_proxy_host cannot be empty.
      - If setting rhel_reg_http_proxy_username,
        then rhel_reg_http_proxy_password cannot be empty.
      - If setting rhel_reg_http_proxy_password,
        then rhel_reg_http_proxy_username cannot be empty.
      - If setting either rhel_reg_http_proxy_username or
        rhel_reg_http_proxy_password, then rhel_reg_http_proxy_host
        AND rhel_reg_http_proxy_port cannot be empty

    Closes-Bug: #1668618
    Change-Id: I003ad5449bd99c01376781ec0ce9074eca3e2704
    (cherry picked from commit 3002edc90a631f3adb8ae0ee696062347f94ea52)

tags:

added: in-stable-ocata

Emilien Macchi (emilienm) on 2017-03-06

Changed in tripleo:
milestone:	ocata-rc2 → pike-1

Revision history for this message

Ben Nemec (bnemec) wrote on 2017-03-06:

#3

This is done for ocata. Newton backport here: https://review.openstack.org/#/c/439682/

Changed in tripleo:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-03-06: Fix included in openstack/tripleo-heat-templates 6.0.0.0rc2

#4

This issue was fixed in the openstack/tripleo-heat-templates 6.0.0.0rc2 release candidate.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-03-24: Change abandoned on tripleo-heat-templates (stable/newton)

#5

Change abandoned by Emilien Macchi (<email address hidden>) on branch: stable/newton
Review: https://review.openstack.org/439682

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-03-26: Fix merged to tripleo-heat-templates (stable/newton)

#6

Reviewed: https://review.openstack.org/439682
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=61aa399a362363982823687c8f99e28a4d50c430
Submitter: Jenkins
Branch: stable/newton

commit 61aa399a362363982823687c8f99e28a4d50c430
Author: Vincent S. Cojot <email address hidden>
Date: Wed Feb 22 23:50:05 2017 -0500

Adds http proxy support for registering RHEL overcloud nodes

It is quite common in large entreprises that direct HTTP/HTTPS to the outside
world is denied from nodes/systems but reaching out through a proxy is allowed.

    This change adds support for an HTTP proxy when RHEL overcloud nodes reach
    out to either the RHSM portal or to a satellite server. This allows the
    overcloud nodes to download updates even in locked-down environments.

    The following variables are settable through templates:
      rhel_reg_http_proxy_host:
      rhel_reg_http_proxy_port:
      rhel_reg_http_proxy_username:
      rhel_reg_http_proxy_password:

    Note the following restrictions:
      - If setting rhel_reg_http_proxy_host,
        then rhel_reg_http_proxy_port cannot be empty.
      - If setting rhel_reg_http_proxy_port,
        then rhel_reg_http_proxy_host cannot be empty.
      - If setting rhel_reg_http_proxy_username,
        then rhel_reg_http_proxy_password cannot be empty.
      - If setting rhel_reg_http_proxy_password,
        then rhel_reg_http_proxy_username cannot be empty.
      - If setting either rhel_reg_http_proxy_username or
        rhel_reg_http_proxy_password, then rhel_reg_http_proxy_host
        AND rhel_reg_http_proxy_port cannot be empty

    Closes-Bug: #1668618
    Change-Id: I003ad5449bd99c01376781ec0ce9074eca3e2704
    (cherry picked from commit 3002edc90a631f3adb8ae0ee696062347f94ea52)

Emilien Macchi (emilienm) on 2017-04-07

Changed in tripleo:
status:	Fix Committed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-04-27: Fix included in openstack/tripleo-heat-templates 5.3.0

#7

This issue was fixed in the openstack/tripleo-heat-templates 5.3.0 release.

Affects		Status	Importance	Assigned to	Milestone
	tripleo	Fix Released	Medium	Emilien Macchi	tripleo pike-1 "pike-1"
	Newton	Fix Released	Undecided	Emilien Macchi

tripleo

overcloud nodes on RHEL need direct network access to Satellite servers

Bug Description

Other bug subscribers

Remote bug watches