os_keystone(master): task "Distribute the fernet key repository" fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
With master branch, the task "Distribute the fernet key repository" of os_keystone fails with the following error:
"stderr_lines": ["Warning: Permanently added '192.168.10.249' (ECDSA) to the list of known hosts.", "keystone@
Reason of this is that keystone containers have not been configured to let keystone user SSH connect properly.
Proposed fix is to configure authorized_key the same way it was previously done with the task keystone_
Suggested fix:
iff --git a/tasks/
index 287173b..e8da41a 100644
--- a/tasks/
+++ b/tasks/
@@ -43,3 +43,14 @@
file:
path: "{{ keystone_
state: absent
+
+# Suggested fix: needed for distributing the fernet key repository
+- name: Create authorized keys file from host vars
+ authorized_key:
+ user: "{{ keystone_
+ key: "{{ lookup('file', '{{ keystone_pubkey }}') }}"
+ vars:
+ keystone_pubkey: "{{ keystone_
+ when: _keystone_
+ delegate_to: "{{ item }}"
+ with_items: "{{ ansible_play_hosts }}"
Unfortunately this fix didn't work for me. I had to copy the keys to the new keystone container and set the permissions manually.