User provided certificate OctaviaClientCert is missing after deployment
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Gregory Thiemonge |
Bug Description
Originally reported in https:/
Description of problem:
I tried to deploy Octavia with my own certificates and keys (https:/
I used the following parameter file (octavia_
parameter_defaults:
OctaviaCaCert: |
-----BEGIN CERTIFICATE-----
<EDITED>
-----END CERTIFICATE-----
OctaviaCaKey: |
-----BEGIN RSA PRIVATE KEY-----
<EDITED>
-----END RSA PRIVATE KEY-----
OctaviaClie
-----BEGIN CERTIFICATE-----
<EDITED>
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
<EDITED>
-----END PRIVATE KEY-----
OctaviaCaKe
OctaviaGene
Included in my overcloud_deploy.sh script (penultimate line):
openstack overcloud deploy \
--timeout 100 \
--templates /usr/share/
--environment
--environment
--stack overcloud \
--libvirt-type kvm \
--ntp-server clock1.
-e /home/stack/
-e /usr/share/
-e /home/stack/
-e /home/stack/
-e /home/stack/
-e /home/stack/
-e /usr/share/
-e /home/stack/
-e /usr/share/
-e /home/stack/
-e /home/stack/
-e ~/containers-
-e /home/stack/
-e /home/stack/
--log-file overcloud_
After deployment, OctaviaClientCert (/var/lib/
[root@controller-0 ~]# find /var/lib/
/var/lib/
/var/lib/
/var/lib/
/var/lib/
And Octavia services throws exceptions when trying to communicate with an amphora:
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
2020-04-24 08:58:21.616 24 ERROR oslo_messaging.
Version-Release number of selected component (if applicable):
train
How reproducible:
100%
Steps to Reproduce:
1. Deploy Octavia with user-provided certificates (using the parameter file in the description)
Actual results:
client.pem is missing on controllers, Octavia cannot configure amphorae.
Expected results:
client.pem should be present on controllers, and Octavia services should be able to communicate with amphorae
Additional info:
Changed in tripleo: | |
assignee: | nobody → Gregory Thiemonge (gthiemonge) |
status: | New → In Progress |
Changed in tripleo: | |
milestone: | none → victoria-1 |
importance: | Undecided → High |
tags: | added: train-backport-potential |
Fix proposed to branch: master /review. opendev. org/722683
Review: https:/