os_cinder: wrong interpretation of keystone_service_internaluri_insecure
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
High
|
Unassigned |
Bug Description
I'd like to have insecure (self-signed certs) setup for a lab. I've set keystone_
Before that change:
TASK [os_cinder : Ensure cinder api is available] *******
FAILED - RETRYING: Ensure cinder api is available (10 retries left).
FAILED - RETRYING: Ensure cinder api is available (9 retries left).
FAILED - RETRYING: Ensure cinder api is available (8 retries left).
FAILED - RETRYING: Ensure cinder api is available (7 retries left).
FAILED - RETRYING: Ensure cinder api is available (6 retries left).
FAILED - RETRYING: Ensure cinder api is available (5 retries left).
FAILED - RETRYING: Ensure cinder api is available (4 retries left).
FAILED - RETRYING: Ensure cinder api is available (3 retries left).
FAILED - RETRYING: Ensure cinder api is available (2 retries left).
FAILED - RETRYING: Ensure cinder api is available (1 retries left).
fatal: [dev-osctr1_
Changed in openstack-ansible: | |
status: | In Progress → Fix Released |
Hi Damian,
This is the definition of keystone_ service_ internaluri_ insecure:
https:/ /opendev. org/openstack/ openstack- ansible/ src/branch/ master/ inventory/ group_vars/ all/keystone. yml#L37- L41
Can you clarify if you are trying to use a self signed certificate on the internal API endpoint, or the external API endpoint?
keystone_ service_ internaluri_ insecure is true when the internal endpoint is configured for https (it's http by default) and the user has not supplied a proper certificate.
If you could give a little more detail about what you are trying to achieve it would be really helpful.
Thanks,
Jonathan.