Keystone in container: missing trusted CA
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Cédric Jeanneret deactivated |
Bug Description
Dear Stackers,
While migrating my pike BM to pike Containers, keystone had some issues validating authentication against our freeIPA.
The reason was the lack of the following file in the keystone container:
/etc/pki/
The error message in the logs:
2018-04-23 06:09:33.543 22 ERROR keystone.
Inspecting the container showed multiple mounts related to the pki content, but apparently this precise location was overlooked:
Missing:
"/etc/pki/
Container version:
<satellite>
Note: we consolidate images in our local satellite. We use the "current-tripleo" tag.
Cheers,
C.
Changed in tripleo: | |
status: | New → Triaged |
milestone: | none → rocky-2 |
importance: | Undecided → High |
Fix proposed to branch: master /review. openstack. org/563525
Review: https:/