Neutron DHCP agent unable to read TLS key/certificate due to neutron UID mismatch
Bug #1759049 reported by
Tim Rozet
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Tim Rozet |
Bug Description
When deploying with TLS and OpenDaylight, neutron dhcp agent is configured with TLS certificate/key in order to be able to communicate with OVSDB (listening in passive ssl). However, neutron dhcp agent fails to add the dhcp tap port to OVSDB because it cannot read the key/certificate. The reason for this bug is because the key and certificate are generated on the host with the uid of neutron on the host. They are then mounted into the container. However, the UID of neutron in the container is not the same as the UID of the host. The neutron packaging distgit spec does not specify a unique UID.
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/556673
Review: https:/