OpenStack Charms Deployment Guide

Guide misses SSL configuration and point to a script that by default use plain-text

Bug #1914262 reported by Luiz Otavio de Oliveira
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Charms Deployment Guide
New
Undecided
Unassigned

Bug Description

- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [x] I have a fix to the document that I can paste below including example: input and output.

In the Configure Openstack section the guide suggests a script that doesn't work in the environment configured following the guide.

line 12 in 'openrc' script sets OS_AUTH_URL env to 'http' (plain-text) when there is no 'OS_AUTH_PROTOCOL' env set (what is the case here), causing subsequent 'openstack endpoint list' to fail.

When you add keystone:certificates relation to the vault:certificates, the keystone charm updates the configuration to require SSL.

I suggest to set 'OS_AUTH_PROTOCOL=https' env and instruct how to download vault CA cert and set 'OS_CACERT' env pointing to it.

-----------------------------------
Release: 0.0.1.dev227 on 2020-12-02 18:34:51
SHA: 7bf2971698086ee176ee7ebe3702125e8c9edd87
Source: https://opendev.org/openstack/charm-deployment-guide/src/deploy-guide/source/config-openstack.rst
URL: https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/victoria/config-openstack.html

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.