kolla-ansible

Missing region_name in keystone_auth section

Bug #1933025 reported by Michal Arbet
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kolla-ansible
Fix Released
Medium
Unassigned

Bug Description

Hi,

I found strange behaviour when openstack was deployed to two regions, openid keystone federation with public keystone endpoints defined for both regions (edge architecture) - RegionOne, RegionTwo.
Horizon also available in both regions.

Unfortunately I don't have test stack right now, but I will try to explain behaviour what I've seen.

I noticed below pattern of behavior when using horizon and switching between RegionOne and RegionTwo (for example list instances for RegionOne, switch to RegionTwo and vice versa):

From horizon RegionOne operations against RegionOne always working.
From horizon RegionOne operations against RegionTwo are broken from time to time.
From horizon RegionTwo operations against RegionOne always working.
From horizon RegionTwo operations against RegionTwo are broken from time to time.

The above pattern of behavior made me look at the configuration of RegionTwo and found that kolla is not setting region_name in keystone middleware section.

When I've set region_name = RegionOne in regionOne and region_name = RegionTwo in regiontwo, everything started to working flawlessly.

From keystone middleware opts.py -

      cfg.StrOpt('region_name',
               help='The region in which the identity server can be found.'),

See original description
Mark Goddard (mgoddard)
Changed in kolla-ansible:
importance: Undecided → Medium
description: updated
OpenStack Infra (hudson-openstack)
Changed in kolla-ansible:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (master)

Reviewed: https://review.opendev.org/c/openstack/kolla-ansible/+/791980
Committed: https://opendev.org/openstack/kolla-ansible/commit/7da770d290eb1d45f3bca50aba965b47e40c9a83
Submitter: "Zuul (22348)"
Branch: master

commit 7da770d290eb1d45f3bca50aba965b47e40c9a83
Author: Michal Arbet <email address hidden>
Date: Tue May 18 16:06:41 2021 +0200

    Add missing region_name in keystoneauth sections

    Closes-Bug: #1933025

    Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162

Changed in kolla-ansible:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kolla-ansible (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/kolla-ansible/+/797477

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kolla-ansible (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/kolla-ansible/+/797478

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kolla-ansible (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/kolla-ansible/+/797479

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/kolla-ansible/+/797477
Committed: https://opendev.org/openstack/kolla-ansible/commit/24d3228d00ecf749575a3913004c6325353228e1
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit 24d3228d00ecf749575a3913004c6325353228e1
Author: Michal Arbet <email address hidden>
Date: Tue May 18 16:06:41 2021 +0200

    Add missing region_name in keystoneauth sections

    Closes-Bug: #1933025

    Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162
    (cherry picked from commit 7da770d290eb1d45f3bca50aba965b47e40c9a83)

tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/kolla-ansible/+/797478
Committed: https://opendev.org/openstack/kolla-ansible/commit/f0487e793a2283ff30776ebf70be9476d1d05a17
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit f0487e793a2283ff30776ebf70be9476d1d05a17
Author: Michal Arbet <email address hidden>
Date: Tue May 18 16:06:41 2021 +0200

    Add missing region_name in keystoneauth sections

    Closes-Bug: #1933025

    Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162
    (cherry picked from commit 7da770d290eb1d45f3bca50aba965b47e40c9a83)

tags: added: in-stable-victoria
tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/kolla-ansible/+/797479
Committed: https://opendev.org/openstack/kolla-ansible/commit/026ddc97d29a0eff6c4e759125029afd3721346b
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit 026ddc97d29a0eff6c4e759125029afd3721346b
Author: Michal Arbet <email address hidden>
Date: Tue May 18 16:06:41 2021 +0200

    Add missing region_name in keystoneauth sections

    Closes-Bug: #1933025

    Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162
    (cherry picked from commit 7da770d290eb1d45f3bca50aba965b47e40c9a83)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kolla-ansible 11.1.0

This issue was fixed in the openstack/kolla-ansible 11.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kolla-ansible 12.1.0

This issue was fixed in the openstack/kolla-ansible 12.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kolla-ansible 10.3.0

This issue was fixed in the openstack/kolla-ansible 10.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kolla-ansible 13.0.0.0rc1

This issue was fixed in the openstack/kolla-ansible 13.0.0.0rc1 release candidate.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.