internal TLS deployment failed when using containerized mongodb

Bug #1709553 reported by Damien Ciabrini on 2017-08-09
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juan Antonio Osorio Robles

Bug Description

When internal TLS is in use, a certificate for mongodb is generated during overcloud deployment, based on the contents of the metadata_settings from the yaml service file [1].

However the containerized version of the mongodb service omits the metadata_settings definition, which confuses certmonger and make the generation of certificates fail. Consequently the deployed overcloud is non functional.


Changed in tripleo:
importance: Undecided → Critical
status: New → Triaged

Fix proposed to branch: master

Changed in tripleo:
assignee: nobody → Damien Ciabrini (dciabrin)
status: Triaged → In Progress
Changed in tripleo:
milestone: none → pike-rc1
Changed in tripleo:
importance: Critical → High
Changed in tripleo:
assignee: Damien Ciabrini (dciabrin) → Juan Antonio Osorio Robles (juan-osorio-robles)

Submitter: Jenkins
Branch: master

commit 630ce41fe329c351c5aa80f579c9985c5e5508fb
Author: Damien Ciabrini <email address hidden>
Date: Wed Aug 9 07:25:42 2017 +0000

    Fix metadata_settings in containerized mongodb

    The containerized version of the mongodb service omits the
    metadata_settings definition [1], which confuses certmonger when
    internal TLS is enabled and make the generation of certificates fail.

    Use the right setting from the non-containerized profile.


    Change-Id: I50a9a3a822ba5ef5d2657a12c359b51b7a3a42f2
    Closes-Bug: #1709553

Changed in tripleo:
status: In Progress → Fix Released

This issue was fixed in the openstack/tripleo-heat-templates release candidate.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers