OpenStack Bundles

juju openstack-base bundle neutron-*-net-ksv3 sometimes chooses wrong project

Bug #1803700 reported by Ed Stewart
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Bundles
Triaged
Medium
Andrew McLeod

Bug Description

After deploying the openstack-base-57 bundle, OpenStack ends up with the following domain/project structure:

$ openstack domain list
+----------------------------------+----------------+---------+-----------------+
| ID | Name | Enabled | Description |
+----------------------------------+----------------+---------+-----------------+
| 0be00c7042f04e2ebfcdcace8b2ca96b | admin_domain | True | Created by Juju |
| 1484134aca4e470ba4d9a513ec0858d3 | default | True | Created by Juju |
| a18c69b387e3473294b53617a4d48603 | service_domain | True | Created by Juju |
+----------------------------------+----------------+---------+-----------------+

$ openstack project list --long
+----------------------------------+----------+----------------------------------+-----------------+---------+
| ID | Name | Domain ID | Description | Enabled |
+----------------------------------+----------+----------------------------------+-----------------+---------+
| 05d117cf95cf449f9091ecfdcc45f36c | services | a18c69b387e3473294b53617a4d48603 | Created by Juju | True |
| 31e074b3ddae4ac2b1e820a0ba3bee6a | admin | 0be00c7042f04e2ebfcdcace8b2ca96b | Created by Juju | True |
| 4926e92ac0b645778d99a9ec00a67dae | admin | 1484134aca4e470ba4d9a513ec0858d3 | Created by Juju | True |
| 50c45455f6ba4a62ba299311be9d9aaf | services | 1484134aca4e470ba4d9a513ec0858d3 | Created by Juju | True |
+----------------------------------+----------+----------------------------------+-----------------+---------+

As a result there are two projects called 'admin'. The README for the bundle says to run the two scripts neutron-ext-net-ksv3 and neutron-tenant-net-ksv3 to create test tenant and provider networks within the admin project. However, these scripts do not work well if there are two admin projects which is the case after the bundle deploys (one each in two domains) - they loop through all the projects looking for the first with the name passed in.

Suggest the following fix to identify the correct project_id by matching on project_Id and domain_id within both these scripts:

    # Resolve domain id
    domain_id = None
    for dom in [t._info for t in keystone.domains.list()]:
        if (dom['name'] == (os.environ['OS_PROJECT_DOMAIN_NAME'])):
            domain_id = dom['id']
            break # Domain ID found - stop looking
    if not domain_id:
        logging.error("Unable to locate domain for %s.", os.environ['OS_PROJECT_DOMAIN_NAME']);

    # Resolve tenant id
    project_id = None
    for proj in [t._info for t in keystone.projects.list()]:
        if (proj['domain_id'] == domain_id and proj['name'] == (opts.project or os.environ['OS_PROJECT_NAME'])):
            project_id = proj['id']
            break # Tenant ID found - stop looking
    if not project_id:
        logging.error("Unable to locate project id for %s.", opts.tenant)
        sys.exit(1)

Tags: juju openstack
Revision history for this message
James Page (james-page) wrote :

The duplication is an interesting nuance of having to support older clouds which are v2 based, and their upgrade to keystone v3.

Suggested changes to improve scoping of the calls look sensible.

Changed in openstack-bundles:
status: New → Triaged
importance: Undecided → Medium
James Page (james-page)
Changed in openstack-bundles:
assignee: nobody → Andrew McLeod (admcleod)
Revision history for this message
Andrew McLeod (admcleod) wrote :

I've added the suggested code to both scripts and commited to https://github.com/openstack-charmers/openstack-bundles/tree/fix-1803700 branch

I will attempt to test this soon, but if someone else can test that would enable a quicker merge.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.