Admin credentials are setup on both controllers after swact
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Invalid
|
Low
|
Brent Rowsell |
Bug Description
Title
-----
Controller remains with admin credentials after swact
Brief Description
-----------------
When establishing a SSH connection to an active controller and load the admin credentials (source /etc/nova/openrc) the controller remain with the admin credentials after a swact when is in StandBy and not in Active.
Severity
--------
Provide the severity of the defect.
Major
Steps to Reproduce
------------------
1. Login SSH to Active Controller (controller-x)
2. Load admin credentials
source /etc/nova/openrc
3. Perform a swact
system host-swact controller-x
4. Verify that swact is OK
5. Login SSH to Active Controller (controller-y)
6. Load admin credentials
source /etc/nova/openrc
7 Verify that controller-x is StandBy
system host-show controller-x |grep capabilities
8. On Controller-x session verify that admin rights commands cannot be executed
system show
Expected Behavior
------------------
Controller in StandBy cannot run admin commands
Actual Behavior
----------------
Admin commands can be executed on StandBy controller and also in Active controller, both controllers have the admin credentials loaded.
Reproducibility
---------------
Reproducible
100%
System Configuration
-------
Duplex Bare-Metal --> Two node system
Branch/Pull Time/Commit
-------
r-2018.10
Timestamp/Logs
--------------
tags: | added: stx.2018.10 |
Changed in starlingx: | |
importance: | Undecided → Low |
tags: | added: stx.ha |
Changed in starlingx: | |
assignee: | nobody → Brent Rowsell (brent-rowsell) |
tags: |
added: stx.1.0 removed: stx.2018.10 |
The same issue is observed on multinode configuration, the only way to complete the "full swacting" operation is to log off from the previous active controller, and log in again, causing that the keystone admin credentials pass 100% to the new active controller.