-
Mark Goddard authored
Steps to reproduce: * Deploy a cloud * Add another controller to the inventory * Deploy to the new controller using --limit: kolla-ansible deploy --limit new-controller Expected results: The new controller uses the cluster's existing fernet keys. Actual results: New fernet keys are generated on the new controller, and pushed out to the existing controllers. This invalidates tokens created from those keys. This change prevents the above scenario from happening, by failing the deployment if there are no hosts with existing Ferney keys to distribute, and not all Keystone hosts are in the target host list. Closes-Bug: #1891364 Change-Id: If0c0e038b77fc010a3a017f9841a674d53b16457
Mark Goddard authoredSteps to reproduce: * Deploy a cloud * Add another controller to the inventory * Deploy to the new controller using --limit: kolla-ansible deploy --limit new-controller Expected results: The new controller uses the cluster's existing fernet keys. Actual results: New fernet keys are generated on the new controller, and pushed out to the existing controllers. This invalidates tokens created from those keys. This change prevents the above scenario from happening, by failing the deployment if there are no hosts with existing Ferney keys to distribute, and not all Keystone hosts are in the target host list. Closes-Bug: #1891364 Change-Id: If0c0e038b77fc010a3a017f9841a674d53b16457
bootstrap_service.yml 2.69 KiB