Mirantis OpenStack

Env deployment of MOS 9.0 was dropped with LDAP Plugin 3.0.0

Bug #1598128 reported by Pavel on 2016-07-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Mirantis OpenStack	Fix Released	High	Max Yatsenko	Mirantis OpenStack 9.1

Bug Description

Detailed bug description:
Problem discovered on MOS 9.0 #495 RC2 and ldap-3.0-3.0.0-1.noarch_01072016.rpm version of plugin.

Steps to reproduce:
Install ldap plugin.
Deploy env with this params:
***LDAP PLUGIN***

Domain name
openldap1

LDAP URL
ldap://172.18.196.27

LDAP User
cn=admin,dc=apetrov,dc=tld

LDAP Suffix
dc=openldap1,dc=tld

LDAP User Password
qwerty123!

Users Tree DN
dc=openldap1,dc=tld

Groups Tree DN
dc=openldap1,dc=tld

Group ID Attribute
cn

Group Name Attribute
cn

List of additional Domains
domain=keystone2.tld
user=cn=Administrator,cn=Users,dc=keystone2,dc=tld
group_id_attribute=cn
group_objectclass=groupOfNames
user_objectclass=person
user_name_attribute=cn
password=qwerty123!!
user_allow_delete=False
group_allow_create=False
user_tree_dn=dc=keystone2,dc=tld
user_pass_attribute=userPassword
user_enabled_attribute=enabled
user_allow_create=False
user_allow_update=False
group_tree_dn=dc=keystone2,dc=tld
group_desc_attribute=description
user_filter=
group_allow_update=False
group_filter=
url=ldap://172.16.56.26
suffix=dc=keystone2,dc=tld
group_member_attribute=member
group_allow_delete=False
use_tls=False
query_scope=sub
group_name_attribute=cn
user_id_attribute=cn
ldap_proxy=true

domain=openldap3
url=ldap://172.18.196.27
suffix=dc=apetrov,dc=tld
user=cn=admin,dc=apetrov,dc=tld
password=1111
query_scope=sub
user_tree_dn=dc=apetrov,dc=tld
user_objectclass=inetOrgPerson
user_id_attribute=cn
user_name_attribute=sn
user_pass_attribute=userPassword
user_enabled_attribute=enabled
user_allow_create=False
user_allow_update=False
user_allow_delete=False
user_filter=
group_tree_dn=dc=apetrov,dc=tld
group_objectclass=groupOfNames
group_id_attribute=cn
group_name_attribute=cn
group_desc_attribute=description
group_member_attribute=member
group_allow_create=False
group_allow_update=False
group_allow_delete=False
group_filter=
use_tls=False

List of custom LDAP proxy configs
config_for=keystone2.tld
database ldap
#its custom config
suffix "dc=keystone2,dc=tld"
readonly yes
protocol-version 3
uri "ldap://172.16.56.26"
rootdn "dc=keystone2,dc=tld"
idassert-bind bindmethod=simple
                binddn="CN=Administrator,CN=Users,DC=keystone2,DC=tld"
                credentials="qwerty123!!"
                mode=none
idassert-authzFrom "*"

***NETWORK***

CIDR
172.16.54.192/26

IP Range
172.16.54.194
-
172.16.54.208

Gateway
172.16.54.193

Floating IP range
172.16.54.209
-
172.16.54.223

Floating network name
admin_floating_net

Admin Tenant network CIDR

192.168.111.0/24

Admin Tenant network gateway
192.168.111.1

Admin Tenant network name
admin_internal_net

Expected results:
Deploy is success.

Actual result:
Deployment has failed. All nodes are finished. Failed tasks: Task[ldap_plugin/7] Stopping the deployment process!
Logs:
2016-07-01 11:26:53 ERR 'undef' from right operand of 'in' expression is not of a supported type (string, array or hash) at /etc/fuel/plugins/ldap-3.0/puppet/modules/plugin_ldap/manifests/multiple_domain.pp:25 on node node-7.domain.tld

Workaround:
n/a

Impact:
unknown

Description of the environment:
* 3 venv nodes:
  - CPU: 4 × 2.10 GHz
  - RAM: 9GB
  - HDD: 384GB
  - Network: 2 × 10GB/s, 2 × 1GB/s
* Node roles:
  - 1 controllers
  - 2 computes
* Details:
  - OS on controllers: Mitaka on Ubuntu 14.04
  - Neutron with VLAN segmentation

Tags:

Revision history for this message

Max Yatsenko (myatsenko) wrote on 2016-07-04:

the patch was merged: https://review.openstack.org/#/c/336603/

Changed in mos:
status:	New → Fix Committed

Dina Belova (dbelova) on 2016-07-04

Changed in mos:
status:	Fix Committed → Confirmed
milestone:	9.0 → 9.1

Revision history for this message

Ivan Berezovskiy (iberezovskiy) wrote on 2016-07-19:

Fix was already merged. Plugin was released for Fuel 9.0

Changed in mos:
status:	Confirmed → Fix Committed

Revision history for this message

Alexander Petrov (apetrov-n) wrote on 2016-09-02:

The fix is verified on MOS 9.0

Changed in mos:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.