Services which require DB fail to initialize when deployed with internal TLS
Bug #1710127 reported by
Damien Ciabrini
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Juan Antonio Osorio Robles |
Bug Description
When internal TLS is in use, mysql/galera only accepts incoming TCP connection when they use SSL.
With containerized deployments, various services (e.g. nova, neutron, heat) run initial set up steps via some ephemeral containers. If those containers don't use kolla_start, the necessary mysql configuration will not be copied in /etc/my.cnf.d, and the connection to the DB won't use SSL. This makes the overcloud deployment fail.
Changed in tripleo: | |
milestone: | none → pike-rc1 |
Changed in tripleo: | |
assignee: | Damien Ciabrini (dciabrin) → Juan Antonio Osorio Robles (juan-osorio-robles) |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/492963
Review: https:/