trust invalid when user is disabled

Bug #1752433 reported by Ricardo Rocha on 2018-02-28
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Magnum
Status tracked in Rocky
Rocky
In Progress
High
Sayali Lunkad

Bug Description

Magnum clusters rely on trusts to authenticate with OpenStack services. This is created at cluster time, and belongs to the user that launched the cluster.

When that user is disabled or the account is deleted, the trust is no longer valid and the cluster becomes unhealthy as it cannot talk to OpenStack any longer. Magnum relies on it for different operations.

As project trusts (or app credentials) are not possible:
( see http://lists.openstack.org/pipermail/openstack-dev/2018-February/127785.html )

one option is to add a magnum command to renew the trust, setting it to the user issuing that command.

Spyros Trigazis (strigazi) wrote :

This change will also solve the heat trustor when this bug is fixed in heat.
https://bugs.launchpad.net/heat/+bug/1752347

Changed in magnum:
assignee: nobody → Sayali Lunkad (sayalilunkad)

Fix proposed to branch: master
Review: https://review.openstack.org/556847

Changed in magnum:
status: New → In Progress

Change abandoned by Spyros Trigazis (<email address hidden>) on branch: master
Review: https://review.opendev.org/556847
Reason: The magnum team is cleaning up the backlog of changes older than 30 days. Feel to restore your patch.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers