series-upgrade from Queens to Rocky fails when using keystone-ldap

Bug #1851938 reported by Drew Freiberger on 2019-11-09
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack keystone charm

Bug Description

The keystone openstack-upgrade action fails from bionic:distro/queens to bionic-rocky upgrade if you have the keystone-ldap subordinate installed due to issue noted here of using py2 packages for py3 keystone version.

Since the keystone-ldap charm doesn't track UCA changes from keystone, we need the openstack-upgrade action to check for keystone-ldap relation and add the python3-ldappool package which is missing and causing 500 errors for keystone after the apache wsgi API is restarted which causes the keystone-manager calls to fail during openstack-upgrade.

After resolving, I installed the python3-ldappool package and then tried re-running the openstack-upgrade action, but it doesn't detect a upgrade to complete.

Workaround is to install python3-ldappool package before keystone upgrade.

This was fixed in keystone-ldap package here:
but doesn't work in an action-managed upgrade process for keystone.

This was found with charms 19.10 during an openstack series upgrade.

Drew Freiberger (afreiberger) wrote :

It should be noted, this site upgraded charms directly from 18.11 to 19.10 before this openstack upgrade. Not sure if this would be something affected by missing a stepped charm upgrade.

Drew Freiberger (afreiberger) wrote :

subscribed field-medium as this breaks queens to rocky openstack series upgrade

tags: added: openstack-upgrade
tags: added: series-upgade
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers