Scaling out to a new keystone host with --limit overwrites existing fernet keys
Bug #1891364 reported by
Mark Goddard
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Fix Released
|
Medium
|
Mark Goddard | ||
Ussuri |
Fix Released
|
Medium
|
Mark Goddard | ||
Victoria |
Fix Released
|
Medium
|
Mark Goddard |
Bug Description
Steps to reproduce:
* Deploy a cloud
* Add another controller to the inventory
* Deploy to the new controller using --limit:
kolla-ansible deploy --limit new-controller
Expected results:
The new controller uses the cluster's existing fernet keys.
Actual results:
New fernet keys are generated on the new controller, and pushed out to the existing controllers. This invalidates tokens created from those keys.
Changed in kolla-ansible: | |
importance: | Undecided → Medium |
status: | New → Triaged |
To post a comment you must log in.
Related: https:/ /bugs.launchpad .net/kolla- ansible/ +bug/1748065