[os_keystone] Error when installing keystone with LDAP
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
osa version: 17.1.1 on Ubuntu
We are trying to upgrade pike to queens with osa 17.1.1.
We have a three controller setup and keystone installation works on the first container, but fails on the remaining two during the task "Create Keystone LDAP domains":
SSL exception connecting to https:/
The problem is the HAProxy backend. Alle keystone backends are in status MAINT. With the first container, only one container gets disabled in the backend, but not enabled again, after the keystone installation is finished for this container.
These are the tasks:
TASK [Set haproxy service state] *******
Monday 29 October 2018 06:10:40 +0000 (0:00:00.167) 0:02:27.497 ********
[WARNING]: The loop variable 'item' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
ok: [ctr003_
ok: [ctr003_
ok: [ctr003_
TASK [Set haproxy service state] *******
Monday 29 October 2018 06:10:44 +0000 (0:00:03.771) 0:02:31.268 ********
[WARNING]: The loop variable 'item' is already in use. You should set the `loop_var` value in the `loop_control` option for the task to something else to avoid variable collisions and unexpected behavior.
ok: [ctr003_
ok: [ctr003_
ok: [ctr003_
My guess is, this only happens when tasks are executed which need access to keystone while keystone is installed.
The only other hint I found is about cinder:
http://
The above problem might be gone, when this is merged:
https:/
The way it is done in stable/rocky works for me with queens: /github. com/openstack/ openstack- ansible/ blob/stable/ rocky/playbooks /os-keystone- install. yml#L117
https:/