kolla-ansible tls on external vip is broken
Bug #1642233 reported by
Javier Castillo
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Fix Released
|
High
|
Unassigned |
Bug Description
Hi
when deploying with TLS/SELF-SIGNED certificates, tool "init-runonce" fails because it executes glance, nova and neutron without "--insecure" flag, so they report
SSL exception connecting to https:/
NOTE(pbourke): This seems to be a problem during deploy as Pierre notes below, currently it seems tls on the external vip for Kolla is broken. Bumping to high priority.
Changed in kolla: | |
importance: | Undecided → Medium |
affects: | kolla → kolla-ansible |
Changed in kolla-ansible: | |
milestone: | none → ocata-2 |
status: | New → Confirmed |
Changed in kolla-ansible: | |
milestone: | ocata-2 → ocata-3 |
Changed in kolla-ansible: | |
milestone: | ocata-3 → ocata-rc1 |
Changed in kolla-ansible: | |
milestone: | ocata-rc1 → ocata-rc2 |
milestone: | ocata-rc2 → pike-1 |
Changed in kolla-ansible: | |
milestone: | pike-2 → pike-3 |
Changed in kolla-ansible: | |
milestone: | pike-3 → pike-rc1 |
Changed in kolla-ansible: | |
milestone: | pike-rc1 → pike-rc2 |
milestone: | pike-rc2 → queens-1 |
Changed in kolla-ansible: | |
importance: | Medium → High |
description: | updated |
summary: |
- SSL problem: init-runonce + kolla-ansible tls on external vip is broken |
Changed in kolla-ansible: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This should not be an issue as init-runonce runs against internal api network which is not under SSL. Other issue could be a custom adminrc file pointing to external network or a service not correctly handling the interface to internal.
Could you provide more information of your config and in what step fails?