Bug #1886615 “Encrypted volumes unusable with internal TLS enabl...” : Series ussuri : Bugs : kolla-ansible

Jie Li (ramboman) on 2020-07-07

Changed in kolla-ansible:
assignee:	nobody → Jie Li (ramboman)

Revision history for this message

Mark Goddard (mgoddard) wrote on 2020-07-09:

#1

https://review.opendev.org/739429

summary:

- create resource failed when the openstack env enable internal TLS
+ Encrypted volumes unusable with internal TLS enabled

OpenStack Infra (hudson-openstack) on 2020-07-09

Changed in kolla-ansible:
assignee:	Jie Li (ramboman) → Mark Goddard (mgoddard)

OpenStack Infra (hudson-openstack) on 2020-07-09

Changed in kolla-ansible:
assignee:	Jie Li (ramboman) → Radosław Piliszek (yoctozepto)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-07-14: Fix merged to kolla-ansible (master)

#2

Reviewed: https://review.opendev.org/739429
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=0e9a81fdca4e94048b731bc4c79da8b397437365
Submitter: Zuul
Branch: master

commit 0e9a81fdca4e94048b731bc4c79da8b397437365
Author: ramboman <email address hidden>
Date: Mon Jul 6 16:37:52 2020 +0800

Fix Barbican client (Castellan) with TLS

    The Castellan (Barbican client) has different parameters to control
    the used CA file.
    This patch uses them.
    Moreover, this aligns Barbican with other services by defaulting
    its client config to the internal endpoint.

See also [1].

[1] https://bugs.launchpad.net/castellan/+bug/1876102

Closes-Bug: #1886615

Change-Id: I6a174468bd91d214c08477b93c88032a45c137be

Changed in kolla-ansible:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-07-20: Fix proposed to kolla-ansible (stable/ussuri)

#3

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/741913

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-07-20: Fix merged to kolla-ansible (stable/ussuri)

#4

Reviewed: https://review.opendev.org/741913
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=aca3736e74abe9f155f36ccc6168b770a06bb121
Submitter: Zuul
Branch: stable/ussuri

commit aca3736e74abe9f155f36ccc6168b770a06bb121
Author: ramboman <email address hidden>
Date: Mon Jul 6 16:37:52 2020 +0800

Fix Barbican client (Castellan) with TLS

    The Castellan (Barbican client) has different parameters to control
    the used CA file.
    This patch uses them.
    Moreover, this aligns Barbican with other services by defaulting
    its client config to the internal endpoint.

See also [1].

[1] https://bugs.launchpad.net/castellan/+bug/1876102

Closes-Bug: #1886615

Change-Id: I6a174468bd91d214c08477b93c88032a45c137be
(cherry picked from commit 0e9a81fdca4e94048b731bc4c79da8b397437365)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-07: Fix proposed to kolla-ansible (master)

#5

Fix proposed to branch: master
Review: https://review.opendev.org/745324

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-10: Fix merged to kolla-ansible (master)

#6

Reviewed: https://review.opendev.org/745324
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=97e26b49cdb7962a1dc6f1a236a0c565ccba0d77
Submitter: Zuul
Branch: master

commit 97e26b49cdb7962a1dc6f1a236a0c565ccba0d77
Author: Mark Goddard <email address hidden>
Date: Fri Aug 7 14:16:03 2020 +0100

Fix Barbican client (Castellan) with TLS (part 2)

    This patch is a continuation of
    I6a174468bd91d214c08477b93c88032a45c137be for the nova-cell role, which
    was missed.

    The Castellan (Barbican client) has different parameters to control
    the used CA file.
    This patch uses them.
    Moreover, this aligns Barbican with other services by defaulting
    its client config to the internal endpoint.

See also [1].

[1] https://bugs.launchpad.net/castellan/+bug/1876102

Closes-Bug: #1886615

Change-Id: I056f3eebcf87bcbaaf89fdd0dc1f46d143db7785

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-10: Fix proposed to kolla-ansible (stable/ussuri)

#7

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/745526

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2020-08-10: Fix merged to kolla-ansible (stable/ussuri)

#8

Reviewed: https://review.opendev.org/745526
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=ed6c6babf85a2d26077ac0b407431e22732eef60
Submitter: Zuul
Branch: stable/ussuri

commit ed6c6babf85a2d26077ac0b407431e22732eef60
Author: Mark Goddard <email address hidden>
Date: Fri Aug 7 14:16:03 2020 +0100

Fix Barbican client (Castellan) with TLS (part 2)

    This patch is a continuation of
    I6a174468bd91d214c08477b93c88032a45c137be for the nova-cell role, which
    was missed.

    The Castellan (Barbican client) has different parameters to control
    the used CA file.
    This patch uses them.
    Moreover, this aligns Barbican with other services by defaulting
    its client config to the internal endpoint.

See also [1].

[1] https://bugs.launchpad.net/castellan/+bug/1876102

Closes-Bug: #1886615

Change-Id: I056f3eebcf87bcbaaf89fdd0dc1f46d143db7785
(cherry picked from commit 97e26b49cdb7962a1dc6f1a236a0c565ccba0d77)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-01-07: Fix included in openstack/kolla-ansible 10.2.0

#9

This issue was fixed in the openstack/kolla-ansible 10.2.0 release.

	Status	Importance	Assigned to	Milestone
kolla-ansible	Fix Released	Medium	Radosław Piliszek	kolla-ansible 11.0.0 "victoria"
Train	New	Medium	Unassigned
Ussuri	Fix Committed	Medium	Mark Goddard
Victoria	Fix Released	Medium	Radosław Piliszek	kolla-ansible 11.0.0 "victoria"

kolla-ansible

Encrypted volumes unusable with internal TLS enabled

Bug Description

Other bug subscribers

Remote bug watches