MaaS: RabbitMQ's maas_user password not set or used in 10.1.10
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack-Ansible |
Invalid
|
Undecided
|
Unassigned | ||
| Juno |
Won't Fix
|
Undecided
|
Unassigned | ||
| Trunk |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
During the 10.1.10 upgrade a maas_user is created in rabbit to replace the insecure credentials used in previous versions.
A maas_user is created and set to administrator correctly, and a password defined in the user variables text file. However, this password is not set for the rabbit user. Also, the remote playbook does not create rabbit checks that use this user and password so they fail. (I do see that the rabbit checks must be removed beforehand - the playbooks recreate checks that do not use these credentials.)
We were able to work around these issues during the maintenances by going into the rabbit containers, using rabbitmqctl to set the maas_user password, and editing the checks manually to include the -U and -p flags with the appropriate credentials.
| Matthew Thode (prometheanfire) wrote | #1 |
| Christy Mason (christy-mason) wrote | #2 |
| no longer affects: | openstack-ansible/juno |
| Robb Romans (rromans) wrote | #3 |
| Matthew Thode (prometheanfire) wrote | #4 |
| Jesse Pretorius (jesse-pretorius) wrote | #5 |
does this occur only during upgrades or also fresh installs?