/etc/contrail/contrail-keystone-auth.conf file is not updated with admin credentials during provisioning
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Confirmed
|
High
|
Fuel Plugin Contrail |
Bug Description
Juniper confirmed with their Engineering team that this issue (admin credentials in /etc/contrail/
MOS versions tested: MOS 8.0 -> MOS 9.2 -> Affects keystone v3 only.
OS: Ubuntu 14.04 and 16.04
Network Model: OpenContrail/
Deploy a cloud with the OpenContrail or Contrail Plugin and change the 'admin' password. The deployment will fail as the credentials in /etc/contrail/
Workaround: Edit the /etc/contrail/
The issue is only when using keystone v3, using v2 with local users works fine.
When using v3 project, user in Contrail UI with admin rights can’t create network or create router.
User can create network in horizon then edit network in contrail UI to add route-targets, policies etc
User can add router in horizon, but can’t bind interface to router (error is given that domain and project don’t exist). After viewing the Security Group for the project (only need to view it no changes need to be made), then you can bind interface to router. Everything appears to work fine after that.
The default keystone config on the contrail config node after deployment is using the services tenant and neutron user. Note this wasn’t a problem in MOS9 with Contrail 3.1, I don’t have this setup anymore to compare if the .conf file is the same or not. There seems to be some v3 domain changes from 3.1 to 3.2 and I suspect that is the difference.
# default .conf file on contrail config node
admin_tenant_
admin_user=neutron
admin_password=
Changing this to the admin user/tenant and adding v3 auth url (all changes in bold) then restarting contrail fixes all the above issues.
root@contrail1:~# more /etc/contrail/
[KEYSTONE]
auth_url=http://
auth_host=
#admin_
auth_port=35357
#admin_user=neutron
auth_protocol=http
insecure=True
#admin_
memcache_
admin_user=admin
admin_password=
admin_tenant_
description: | updated |
Changed in fuel: | |
milestone: | none → 9.x-updates |
assignee: | nobody → Fuel Plugin Contrail (fuel-plugin-contrail) |
importance: | Undecided → High |
status: | New → Confirmed |