openstack-ansible

OSA uses deprecated tenant_id for endpoints in catalog

Bug #1651521 reported by Miguel Alejandro Cantu on 2016-12-20

This bug affects 1 person

Affects

Status

Importance

Assigned to

Milestone

openstack-ansible

Fix Released

Low

Luke Short

You need to log in to change this bug's status.

Affecting:	openstack-ansible
Filed here by:	Miguel Alejandro Cantu
When:	2016-12-20
Confirmed:	2017-01-03
Assigned:	2018-03-12
Started work:	2018-03-12
Completed:	2018-04-04

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	Low

Assigned to

	Me
	Luke Short (ekultails)

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

Per the keystone releate notes, which say
"Keystone supports $(project_id)s in the catalog. It works the same as $(tenant_id)s. Use of $(tenant_id)s is deprecated and catalog endpoints should be updated to use $(project_id)s."

All mentions of tenant_id to configure endpoints should be changed to project_id. I've pasted all mentions of "%(tenant_id" in the roles:

grep -ER '%\(tenant_id' *
os_cinder/defaults/main.yml:cinder_service_publicurl: "{{ cinder_service_publicuri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_adminurl: "{{ cinder_service_adminuri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_internalurl: "{{ cinder_service_internaluri }}/v1/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_publicurl: "{{ cinder_service_publicuri }}/v2/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_adminurl: "{{ cinder_service_adminuri }}/v2/%(tenant_id)s"
os_cinder/defaults/main.yml:cinder_service_v2_internalurl: "{{ cinder_service_internaluri }}/v2/%(tenant_id)s"
os_designate/templates/policy.json.j2: "owner": "tenant:%(tenant_id)s",
os_heat/defaults/main.yml:heat_service_publicurl: "{{ heat_service_publicuri }}/v1/%(tenant_id)s"
os_heat/defaults/main.yml:heat_service_adminurl: "{{ heat_service_adminuri }}/v1/%(tenant_id)s"
os_heat/defaults/main.yml:heat_service_internalurl: "{{ heat_service_internaluri }}/v1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_publicurl: "{{ nova_service_publicuri }}/v2.1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1/%(tenant_id)s"
os_horizon/tests/os_horizon-overrides.yml:nova_service_internalurl: "{{ nova_service_internaluri }}/v2.1/%(tenant_id)s"
os_neutron/templates/neutron.conf.j2:nova_url = {{ nova_service_adminurl|replace('/%(tenant_id)s', '') }}
os_neutron/templates/policy.json.j2: "owner": "tenant_id:%(tenant_id)s",
os_nova/defaults/main.yml:nova_service_publicurl: "{{ nova_service_publicuri }}/v2.1/%(tenant_id)s"
os_nova/defaults/main.yml:nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1/%(tenant_id)s"
os_nova/defaults/main.yml:nova_service_internalurl: "{{ nova_service_internaluri }}/v2.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_publicurl: "{{ sahara_service_publicuri }}/v1.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_internalurl: "{{ sahara_service_internaluri }}/v1.1/%(tenant_id)s"
os_sahara/defaults/main.yml:sahara_service_adminurl: "{{ sahara_service_adminuri }}/v1.1/%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_publicurl: "{{ swift_service_publicuri }}/v1/AUTH_%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_adminurl: "{{ swift_service_adminuri }}/v1/AUTH_%(tenant_id)s"
os_swift/defaults/main.yml:swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_publicurl: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_internalurl: "{{ trove_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"
os_trove/defaults/main.yml:trove_service_adminurl: "{{ trove_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ trove_service_port }}/v1.0/%(tenant_id)s"

See original description

Tags: Edit Tag help

Jean-Philippe Evrard (jean-philippe-evrard) wrote on 2016-12-20:

Fair point, and thanks for the list :)

I'm adding this as low-hanging-fruit.

tags:

added: low-hanging-fruit

Miguel Alejandro Cantu (miguel-cantu) on 2016-12-20

description:

updated

Jean-Philippe Evrard (jean-philippe-evrard) wrote on 2016-12-21:

Please also note that the policy.json files are fetched from upstream, and the fixes should be included there.

Jean-Philippe Evrard (jean-philippe-evrard) on 2017-01-03

Changed in openstack-ansible:
status:	New → Confirmed
importance:	Undecided → Low

Luke Short (ekultails) wrote on 2017-06-12:

All references to "%(tenant_id)s" appear to be gone, except for in the Octavia LBaaS variables.

$ grep tenant_id group_vars/all/octavia.yml
octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s"

I can find no trace of "%(project_id)s" in OpenStack-Ansible now, either. Is this no longer required for the Keystone endpoints in Pike (or, at least, not a standard anymore)? Also, should we remove the "%(tenant_id)s" part for Octavia or should that be changed to "%(project_id)s"? Considering that everything else has dropped the tenant/project ID requirement I am leaning towards the removal of that from the Octavia service.

OpenStack Infra (hudson-openstack) wrote on 2018-03-12: Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.openstack.org/552178

Changed in openstack-ansible:
assignee:	nobody → Luke Short (ekultails)
status:	Confirmed → In Progress

OpenStack Infra (hudson-openstack) wrote on 2018-04-04: Fix merged to openstack-ansible (master)

Reviewed: https://review.openstack.org/552178
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=20fdfb9716454836aaa22535640cbb29e58ddb02
Submitter: Zuul
Branch: master

commit 20fdfb9716454836aaa22535640cbb29e58ddb02
Author: ekultails <email address hidden>
Date: Mon Mar 12 19:26:10 2018 -0400

Update all references from the deprecated tenant_id to project_id.

Keystone v3 has been out for a long time now and uses the new project_id variable for the API endpoints.

Change-Id: I62619ac94b0deb67fe4081a0bb1e5f7b40b4f1d9
Closes-Bug: 1651521

Changed in openstack-ansible:
status:	In Progress → Fix Released

OpenStack Infra (hudson-openstack) wrote on 2018-05-03: Fix included in openstack/openstack-ansible 18.0.0.0b1

This issue was fixed in the openstack/openstack-ansible 18.0.0.0b1 development milestone.

OpenStack Infra (hudson-openstack) wrote on 2018-06-07: Fix included in openstack/openstack-ansible 18.0.0.0b2

This issue was fixed in the openstack/openstack-ansible 18.0.0.0b2 development milestone.

Report a bug

This report contains Public information Edit

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers