tripleo

config-download: support SshKnownHosts deployment

Bug #1746336 reported by James Slagle
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
High
James Slagle
tripleo rocky-1

Bug Description

The SshKnownHostsDeployments are not presently supported by config-download. Since they rely on Heat deployment outputs, the group_vars shim we use in tripleo-common to create Ansible tasks for each corresponding deployment won't work.

We need to properly support these deployments with a native ansible task/role.

James Slagle (james-slagle)
Changed in tripleo:
status: New → In Progress
importance: Undecided → High
assignee: nobody → James Slagle (james-slagle)
milestone: none → queens-rc1
tags: added: config-download
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-common (master)

Fix proposed to branch: master
Review: https://review.openstack.org/539313

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (master)

Fix proposed to branch: master
Review: https://review.openstack.org/539315

Revision history for this message
James Slagle (james-slagle) wrote :

https://review.openstack.org/539313
https://review.openstack.org/539315

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-common (master)

Reviewed: https://review.openstack.org/539313
Committed: https://git.openstack.org/cgit/openstack/tripleo-common/commit/?id=dfa6cf77bc25aa99a77739484d49b20b3c5a4ff5
Submitter: Zuul
Branch: master

commit dfa6cf77bc25aa99a77739484d49b20b3c5a4ff5
Author: James Slagle <email address hidden>
Date: Tue Jan 30 15:31:37 2018 -0500

    Add tripleo-ssh-known-hosts role

    Support the SshKnownHostsDeployment resources from Heat with a new
    Ansible role in tripleo-common for use by config-download. The new role
    will configure /etc/ssh/ssh_known_hosts in the same manner that the Heat
    deployments did.

    Change-Id: I9314596f9ab48e95ba34d08dba9abfee2f8d2e0c
    Partial-Bug: #1746336

Alex Schultz (alex-schultz)
Changed in tripleo:
milestone: queens-rc1 → rocky-1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/539315
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=088d5c12f0f37e24d836e6f8791f41fbeba3326d
Submitter: Zuul
Branch: master

commit 088d5c12f0f37e24d836e6f8791f41fbeba3326d
Author: James Slagle <email address hidden>
Date: Fri Jan 12 15:52:26 2018 -0500

    Support SshKnownHostsDeployment with config-download

    Add support for the SshKnownHostsDeployment resources to
    config-download. Since the deployment resources relied on Heat outputs,
    they were not supported with the default handling from tripleo-common
    that relies on the group_vars mechanism.

    Instead, this patch refactors the templates to add the known hosts
    entries as global_vars to deploy_steps_playbook.yaml, and then includes
    the new tripleo-ssh-known-hosts role from tripleo-common to apply the
    same configuration that the Heat deployment did.

    Since these deployments no longer need to be triggered when including
    config-download-environment.yaml, a mapping is added that can be
    overridden to OS::Heat::None to disable the deployment resources when
    using config-download.

    The default behavior when not using config-download remains unchanged.

    Closes-Bug: #1746336
    Change-Id: Ia334fe6adc9a8ab228f75cb1d0c441c1344e2bd9

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to tripleo-heat-templates (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/558410

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on tripleo-heat-templates (master)

Change abandoned by Juan Antonio Osorio Robles (<email address hidden>) on branch: master
Review: https://review.openstack.org/558410

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 9.0.0.0b2

This issue was fixed in the openstack/tripleo-heat-templates 9.0.0.0b2 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/582424

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/queens)

Reviewed: https://review.openstack.org/582424
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=54010e2358850df97d34f5f9e67b89a800dba67d
Submitter: Zuul
Branch: stable/queens

commit 54010e2358850df97d34f5f9e67b89a800dba67d
Author: James Slagle <email address hidden>
Date: Fri Jan 12 15:52:26 2018 -0500

    Support SshKnownHostsDeployment with config-download

    Add support for the SshKnownHostsDeployment resources to
    config-download. Since the deployment resources relied on Heat outputs,
    they were not supported with the default handling from tripleo-common
    that relies on the group_vars mechanism.

    Instead, this patch refactors the templates to add the known hosts
    entries as global_vars to deploy_steps_playbook.yaml, and then includes
    the new tripleo-ssh-known-hosts role from tripleo-common to apply the
    same configuration that the Heat deployment did.

    Since these deployments no longer need to be triggered when including
    config-download-environment.yaml, a mapping is added that can be
    overridden to OS::Heat::None to disable the deployment resources when
    using config-download.

    The default behavior when not using config-download remains unchanged.

    Closes-Bug: #1746336
    Change-Id: Ia334fe6adc9a8ab228f75cb1d0c441c1344e2bd9
    (cherry picked from commit 088d5c12f0f37e24d836e6f8791f41fbeba3326d)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 8.0.5

This issue was fixed in the openstack/tripleo-heat-templates 8.0.5 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.