OpenStack-Ansible

Upgrade from 12.0.10 to 13.0.1 fails without local SSH keys

Bug #1574019 reported by James Denton on 2016-04-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Fix Released	High	Jean-Philippe Evrard	OpenStack-Ansible newton-1
	Mitaka	Fix Released	High	Jesse Pretorius	OpenStack-Ansible 13.1.1

Bug Description

Upgrading from 12.0.10 to 13.0.1 and encountered the following error while running setup-hosts.yml:

TASK: [lxc_hosts | Fail if a ssh public key is not set in a var and not present on the host] ***
failed: [cinder02] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.
failed: [infra03] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.
skipping: [infra01]
failed: [cinder01] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.
failed: [infra02] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.
failed: [compute01] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.
failed: [compute02] => {"failed": true}
msg: Please set the lxc_container_ssh_key variable or ensure that the host has the file /root/.ssh/id_rsa.pub present.

FATAL: all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
to retry, use: --limit @/root/setup-hosts.retry

cinder01 : ok=28 changed=7 unreachable=0 failed=1
cinder02 : ok=28 changed=7 unreachable=0 failed=1
compute01 : ok=28 changed=7 unreachable=0 failed=1
compute02 : ok=28 changed=7 unreachable=0 failed=1
infra01 : ok=26 changed=7 unreachable=0 failed=0
infra02 : ok=27 changed=7 unreachable=0 failed=1
infra03 : ok=27 changed=7 unreachable=0 failed=1

In my environment, I did not have an SSH key for root on any hosts other than infra01 (the deploy host). That key was listed in authorized_keys on every host, however. Generating a local key on each host with 'ssh-keygen -t rsa -C "<email>"' allowed the playbook to properly complete.

Jean-Philippe Evrard (jean-philippe-evrard) on 2016-04-29

Changed in openstack-ansible:
assignee:	nobody → Jean-Philippe Evrard (jean-philippe-evrard)

OpenStack Infra (hudson-openstack) on 2016-05-03

Changed in openstack-ansible:
status:	New → In Progress

Revision history for this message

Wade Holler (wade-holler) wrote on 2016-05-03:

confirm observing this behavior - I generated a local key on each host as described as well.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-03: Fix proposed to openstack-ansible (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/312286

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-09: Fix merged to openstack-ansible (master)

Reviewed: https://review.openstack.org/311162
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=dfc642c9812257172db8704c4f582e842a006696
Submitter: Jenkins
Branch: master

commit dfc642c9812257172db8704c4f582e842a006696
Author: Jean-Philippe Evrard <email address hidden>
Date: Fri Apr 29 16:53:31 2016 +0100

Docs: Mandatory ssh public key

Because an id_rsa.pub is mandatory in the container generation,
this commit gives information about it in the docs.

Change-Id: I253c159c66559aa849956ecbbc580e0b6e7bd8c3
Closes-Bug: #1574019

Changed in openstack-ansible:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-11: Change abandoned on openstack-ansible (stable/mitaka)

Change abandoned by Kevin Carter (cloudnull) (<email address hidden>) on branch: stable/mitaka
Review: https://review.openstack.org/312286
Reason: This change is being done within the lxc_host role: https://review.openstack.org/#/c/315030/

Revision history for this message

Jesse Pretorius (jesse-pretorius) wrote on 2016-05-13:

Related patch:
master - https://review.openstack.org/315008
mitaka - https://review.openstack.org/315030

Changed in openstack-ansible:
milestone:	none → newton-1
importance:	Undecided → High

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-13: Fix proposed to openstack-ansible (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/315974

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-13: Fix merged to openstack-ansible (stable/mitaka)

Reviewed: https://review.openstack.org/315974
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=ee5e45c6e2f734887bcbce47d4c94531eff007aa
Submitter: Jenkins
Branch: stable/mitaka

commit ee5e45c6e2f734887bcbce47d4c94531eff007aa
Author: Jean-Philippe Evrard <email address hidden>
Date: Fri Apr 29 16:53:31 2016 +0100

Docs: Mandatory ssh public key

Because an id_rsa.pub is mandatory in the container generation,
this commit gives information about it in the docs.

    Combined backport of:
     - dfc642c9812257172db8704c4f582e842a006696
     - bb5b306e489e13d411e27500b72ad55666f84cc0

    Backport note:
    This patch also includes a SHA bump for the role to bring in the
    dependent patch.

    Depends-On: Ifb5b23e2b472bf0c738a01acefba578754f20b4f
    Change-Id: I253c159c66559aa849956ecbbc580e0b6e7bd8c3
    Closes-Bug: #1574019

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2016-05-26: Fix included in openstack/openstack-ansible 13.1.1

This issue was fixed in the openstack/openstack-ansible 13.1.1 release.

Revision history for this message

Thierry Carrez (ttx) wrote on 2016-06-15: Fix included in openstack/openstack-ansible 14.0.0.0b1

This issue was fixed in the openstack/openstack-ansible 14.0.0.0b1 development milestone.

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2016-07-28: Fix included in openstack/openstack-ansible 14.0.0.0b2

#10

This issue was fixed in the openstack/openstack-ansible 14.0.0.0b2 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.