[ubuntu-binary] swift user not in kolla group
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla |
Invalid
|
High
|
Unassigned | ||
Rocky |
Invalid
|
High
|
Unassigned | ||
Stein |
Invalid
|
High
|
Unassigned | ||
Train |
Invalid
|
High
|
Unassigned | ||
Ussuri |
Invalid
|
High
|
Unassigned |
Bug Description
We are currently attempting to deploy stein using kolla-ansible branch stable/stein (sha 741156d2) and kolla docker containers with the following label:
}
As per my comments on https:/
# docker logs swift_proxy_server
+ sudo -E kolla_set_configs
All the swift containers are stuck at the exact same point and there are no logs in /var/logs/
I then had a look at the docker build for the containers and I see the base/sudoers file says
# The idea here is a container service adds their UID to the kolla group
# via usermod -a -G kolla <uid>. Then the kolla_start may run
# kolla_set_configs via sudo as the root user which is necessary to protect
# the immutability of the container
In all our swift containers the swift user is not in the kolla group, e.g.
cat /etc/groups | grep kolla
kolla:x:42400:
A nova based container shows
cat /etc/group | grep kolla
kolla:
I then added the swift user to the kolla group in _all_ the swift containers and after a restart swift applied the configs and started up as expected.
I should add that I have now also manually built the swift containers from the master branch of openstack/kolla using this command
python tools/build.py -b ubuntu swift
I then ran the resultant container:
docker run --rm -it --entrypoint= /bin/bash kolla/ubuntu- binary- swift-object- expirer: 9.1.0
The swift user is still missing from the kolla group:
$ cat /etc/group | grep kolla
kolla:x:42400: