Pike HA overcloud is broken when using TLS everywhere
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Damien Ciabrini |
Bug Description
Deploying an overcloud with templates for HA and TLS everywhere currently results in a failure during the configuration generation for the redis service:
root@controller-0 heat-admin]# docker logs -f docker-puppet-redis
+ mkdir -p /etc/puppet
+ cp -a /tmp/puppet-
+ rm -Rf /etc/puppet/ssl
+ echo '{"step": 6}'
+ TAGS=
+ '[' -n file,file_
+ TAGS='--tags file,file_
+ origin_
+ touch /var/lib/
+ sync
+ set +e
+ FACTER_
+ FACTER_uuid=docker
+ /usr/bin/puppet apply --detailed-
Failed to get D-Bus connection: Operation not permitted
Notice: hiera(): Cannot load backend module_data: cannot load such file -- hiera/backend/
Warning: Undefined variable 'deploy_
(file & line not available)
Notice: hiera(): Cannot load backend module_data: cannot load such file -- hiera/backend/
Error: Evaluation Error: Error while evaluating a Function Call, tls_proxy_bind_ip is not set in the hieradata. at /etc/puppet/
+ rc=1
+ set -e
+ '[' 1 -ne 2 -a 1 -ne 0 ']'
+ exit 1
While Redis doesn't support TLS everywhere is Pike, it relies on the base puppet modules which lately uses TLS bits when TLS everywhere is enabled.
Changed in tripleo: | |
milestone: | none → rocky-rc1 |
Changed in tripleo: | |
milestone: | rocky-rc1 → stein-1 |
Changed in tripleo: | |
status: | Triaged → Fix Released |
Fix proposed to branch: stable/pike /review. openstack. org/586862
Review: https:/