Missing region_name in keystone_auth section
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Hi,
I found strange behaviour when openstack was deployed to two regions, openid keystone federation with public keystone endpoints defined for both regions (edge architecture) - RegionOne, RegionTwo.
Horizon also available in both regions.
Unfortunately I don't have test stack right now, but I will try to explain behaviour what I've seen.
I noticed below pattern of behavior when using horizon and switching between RegionOne and RegionTwo (for example list instances for RegionOne, switch to RegionTwo and vice versa):
From horizon RegionOne operations against RegionOne always working.
From horizon RegionOne operations against RegionTwo are broken from time to time.
From horizon RegionTwo operations against RegionOne always working.
From horizon RegionTwo operations against RegionTwo are broken from time to time.
The above pattern of behavior made me look at the configuration of RegionTwo and found that kolla is not setting region_name in keystone middleware section.
When I've set region_name = RegionOne in regionOne and region_name = RegionTwo in regiontwo, everything started to working flawlessly.
From keystone middleware opts.py -
cfg.
Changed in kolla-ansible: | |
importance: | Undecided → Medium |
description: | updated |
Changed in kolla-ansible: | |
status: | New → In Progress |
Reviewed: https:/ /review. opendev. org/c/openstack /kolla- ansible/ +/791980 /opendev. org/openstack/ kolla-ansible/ commit/ 7da770d290eb1d4 5f3bca50aba965b 47e40c9a83
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 7da770d290eb1d4 5f3bca50aba965b 47e40c9a83
Author: Michal Arbet <email address hidden>
Date: Tue May 18 16:06:41 2021 +0200
Add missing region_name in keystoneauth sections
Closes-Bug: #1933025
Change-Id: Ib67d715ddfa986 a5b70a55fdda39e 6d0e3333162