trust invalid when user is disabled
Bug #1752433 reported by
Ricardo Rocha
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Magnum | Status tracked in Rocky | |||||
Rocky |
In Progress
|
High
|
Sayali Lunkad |
Bug Description
Magnum clusters rely on trusts to authenticate with OpenStack services. This is created at cluster time, and belongs to the user that launched the cluster.
When that user is disabled or the account is deleted, the trust is no longer valid and the cluster becomes unhealthy as it cannot talk to OpenStack any longer. Magnum relies on it for different operations.
As project trusts (or app credentials) are not possible:
( see http://
one option is to add a magnum command to renew the trust, setting it to the user issuing that command.
Changed in magnum: | |
assignee: | nobody → Sayali Lunkad (sayalilunkad) |
To post a comment you must log in.
This change will also solve the heat trustor when this bug is fixed in heat. /bugs.launchpad .net/heat/ +bug/1752347
https:/