Comment 4 for bug 1708180
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to tripleo-common (master) | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 77dbe9295b282c5
Author: Jiri Stransky <email address hidden>
Date: Mon Jul 31 15:27:41 2017 +0200
Allow tripleo-admin creation both for Nova-managed and split-stack
When we deploy with split-stack, we can no longer count on the
heat-admin user existing, as all the methods that we currently use to
create it depend on provisioning overcloud with Nova.
Previously the ssh access on the overcloud for administrative
tasks (manual vs. automated) was as follows for the two deployment
scenarios (Nova+Ironic vs. Split Stack):
+--
| | Nova + Ironic | Split Stack |
+--
| manual | heat-admin | (differs by env) |
+--
| automated | heat-admin | N/A |
+--
With this patch we'd start moving towards:
+--
| | Nova + Ironic | Split Stack |
+--
| manual | heat-admin | (differs by env) |
+--
| automated | tripleo-admin | tripleo-admin |
+--
I haven't reused the heat-admin name, as that is discontinued even in
Heat, and using this name would be confusing, because our usage of the
admin user has nothing to do with Heat really. We just originally
reused heat-admin for validations because it already existed. (Should
anyone wish to keep using heat-admin also for Mistral automated tasks,
they can set overcloud_admin parameter of the workflow.)
By default the new workflow initializes the tripleo-admin user the
Nova way, and no parameters are required. However, when the workflow
gets ssh_user, ssh_private_key, and ssh_servers parameters, it does
the initialization using the provided ssh connection instead of trying
to look up servers in Nova. This makes it possible to use the workflow
for Split Stack environments too.
Closes-Bug: #1708180
Change-Id: Ibe8e54f7b38d8c