tripleo

  1. Bug #1611704
  2. Comment #7

Comment 7 for bug 1611704

Revision history for this message
Steven Hardy (shardy) wrote :

Ok so I can confirm the problems described in comment #2 are now fixed, I did the following:

1. Deploy an overcloud with a custom environment file specifying passwords (I got these by grepping in the tht tree so probably incomplete):

[stack@instack ~]$ cat password_env.yaml
parameter_defaults:
  AdminPassword: fooxyz
  AodhPassword: fooxyz
  BarbicanPassword: fooxyz
  CeilometerPassword: fooxyz
  CinderPassword: fooxyz
  ContrailConfigIfmapUserPassword: fooxyz
  ContrailControlIfmapUserPassword: fooxyz
  GlancePassword: fooxyz
  GnocchiPassword: fooxyz
  HAProxyStatsPassword: fooxyz
  HeatPassword: fooxyz
  HeatStackDomainAdminPassword: fooxyz
  IronicPassword: fooxyz
  ManilaNetappPassword: fooxyz
  ManilaPassword: fooxyz
  ManilaServiceInstancePassword: fooxyz
  MistralPassword: fooxyz
  MonitoringRabbitPassword: fooxyz
  MysqlClustercheckPassword: fooxyz
  MysqlRootPassword: fooxyz
  NeutronNuageVSDPassword: fooxyz
  NeutronPassword: fooxyz
  NovaPassword: fooxyz
  OpenDaylightPassword: fooxyz
  PcsdPassword: fooxyz
  PLUMgridL2GatewayPassword: fooxyz
  PLUMgridPassword: fooxyz
  RabbitPassword: fooxyz
  RedisPassword: fooxyz
  SaharaPassword: fooxyz
  SnmpdReadonlyUserPassword: fooxyz
  SwiftPassword: fooxyz

openstack overcloud deploy --templates /tmp/tripleo-heat-templates/ -e password_env.yaml

We can see that the password is now set as expected on the nodes:

[root@overcloud-controller-0 etc]# grep fooxyz heat/heat.conf
stack_domain_admin_password = fooxyz
connection = mysql+pymysql://heat:fooxyz@192.0.2.8/heat
rabbit_password = fooxyz
password = fooxyz
password=fooxyz
[root@overcloud-controller-0 etc]# grep fooxyz nova/nova.conf
password=fooxyz
password=fooxyz
connection=mysql+pymysql://nova_api:fooxyz@192.0.2.8/nova_api
rabbit_password=fooxyz
connection=mysql+pymysql://nova:fooxyz@192.0.2.8/nova

However, if I s/xyz/abc in the password environment, and deploy again to update the existing stack:

openstack overcloud deploy --templates /tmp/tripleo-heat-templates/ -e password_env.yaml

We then see:

    Error: /Stage[main]/Nova::Compute/Nova::Generic_service[compute]/Service[nova-compute]: Failed to call refresh: Could not restart Service[nova-compute]: Execution of '/usr/bin/systemctl restart openstack-nova-compute' returned 1: Job for openstack-nova-compute.service failed because the control process exited with error code. See "systemctl status openstack-nova-compute.service" and "journalctl -xe" for details.
    Error: /Stage[main]/Nova::Compute/Nova::Generic_service[compute]/Service[nova-compute]: Could not restart Service[nova-compute]: Execution of '/usr/bin/systemctl restart openstack-nova-compute' returned 1: Job for openstack-nova-compute.service failed because the control process exited with error code. See "systemctl status openstack-nova-compute.service" and "journalctl -xe" for details.

I assume this is an ordering issue, we must apply the rabbit password change and then restart nova before the config has been applied with the new password?