Can't run devstack more than once following docs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
devstack |
Fix Released
|
Undecided
|
Ian Wienand |
Bug Description
When running stack.sh for the first time, it asks you to input passwords for various things (database, RabbitMQ, ...), or automatically generates passwords for you if you leave it blank. Before you do so, it announces that "This value will be written to your localrc file so you don't have to enter it again." This is a lie.
Actually, it's sort of half-true: it would write it to the localrc file if that file already existed. But there is no reason for that file to ever exist: all of the documentation directs the user to put local configuration in the local.conf file.
If no localrc file exists (because the config is, correctly, in local.conf), the values are actually written to the .localrc.auto file. And it is categorically untrue that now that the value is written you won't have to enter it again. Because devstack only stores the value until you are just about to need to enter it again (i.e. when you re-run stack.sh) and then it unceremoniously deletes the .localrc.auto file and proceeds to ask you to enter them again or generate new ones automatically. But it won't update any of the existing places they are used, so nothing works any more.
This leaves the user with approximately four options, in ascending order of difficulty:
1) Give up on OpenStack and carry on with their life
2) Rebuild a new VM and start again from scratch with devstack
3) Track down every single configuration file in the system where the old passwords are stored and delete the files they contain (Note: I have not yet successfully found them all)
4) Try every permutation of 20 alphanumeric characters for each of the 4 passwords until it works again (Note: probably impossible even in theory, roughly 105 bits of entropy)
I gather that all serious devstack users set the passwords in their local.conf file to avoid this problem. That certainly helps to explain how this bug could have gone unfixed for 20 months. Like all of the best bugs, this was described as a "feature" in comments on the review that introduced it: https:/
Be that as it may, there is nothing to indicate to new users that this is the case. The configuration docs - even assuming that one reads them studiously, as I of course did - state that "stack.sh is happy to run without a localrc section in local.conf" and "If the *_PASSWORD variables are not set here you will be prompted to enter values for them by stack.sh." I believe at a minimum the docs should be changed to read "stack.sh is happy to run *exactly once* without a localrc section in local.conf" and "If the *_PASSWORD variables are not set here then you must make sure to never ever ever ever allow the screen session to end for any reason, otherwise no more devstack for you." Perhaps we could also take the opportunity to tweak the phrasing from "devlife is better when there are a few minimal variables set" to "devlife less closely resembles the sixth circle of hell when there are a few minimal variables set".
Even better would be if stack.sh refused to run without these variables set. Setting some random values for passwords and then forgetting them is *never* the right thing to do under *any* circumstances.
Even better still would be to forget about this "feature" and make it Just Work(TM).
i think it's probably pretty easy to just store these in a separate file. we want to overwrite .localrc.auto in-case people change their local.conf