From 7da770d290eb1d45f3bca50aba965b47e40c9a83 Mon Sep 17 00:00:00 2001 From: Michal Arbet Date: Tue, 18 May 2021 16:06:41 +0200 Subject: [PATCH] Add missing region_name in keystoneauth sections Closes-Bug: #1933025 Change-Id: Ib67d715ddfa986a5b70a55fdda39e6d0e3333162 --- ansible/roles/aodh/templates/aodh.conf.j2 | 1 + ansible/roles/barbican/templates/barbican.conf.j2 | 1 + ansible/roles/blazar/templates/blazar.conf.j2 | 1 + ansible/roles/cinder/templates/cinder.conf.j2 | 1 + ansible/roles/cyborg/templates/cyborg.conf.j2 | 1 + ansible/roles/designate/templates/designate.conf.j2 | 1 + ansible/roles/freezer/templates/freezer.conf.j2 | 1 + ansible/roles/glance/templates/glance-api.conf.j2 | 1 + ansible/roles/gnocchi/templates/gnocchi.conf.j2 | 1 + ansible/roles/heat/templates/heat.conf.j2 | 1 + ansible/roles/ironic/templates/ironic-inspector.conf.j2 | 2 ++ ansible/roles/magnum/templates/magnum.conf.j2 | 2 ++ ansible/roles/manila/templates/manila.conf.j2 | 1 + ansible/roles/mistral/templates/mistral.conf.j2 | 1 + ansible/roles/monasca/templates/monasca-api/api.conf.j2 | 1 + ansible/roles/murano/templates/murano.conf.j2 | 3 +++ ansible/roles/neutron/templates/neutron.conf.j2 | 3 +++ ansible/roles/nova/templates/nova.conf.j2 | 1 + ansible/roles/octavia/templates/octavia.conf.j2 | 1 + ansible/roles/placement/templates/placement.conf.j2 | 1 + ansible/roles/sahara/templates/sahara.conf.j2 | 1 + ansible/roles/senlin/templates/senlin.conf.j2 | 1 + ansible/roles/solum/templates/solum.conf.j2 | 1 + ansible/roles/tacker/templates/tacker.conf.j2 | 1 + ansible/roles/trove/templates/trove.conf.j2 | 1 + ansible/roles/vitrage/templates/vitrage.conf.j2 | 1 + ansible/roles/watcher/templates/watcher.conf.j2 | 1 + releasenotes/notes/bug-1933025-1cb5d64d20d57be7.yaml | 6 ++++++ 28 files changed, 39 insertions(+) create mode 100644 releasenotes/notes/bug-1933025-1cb5d64d20d57be7.yaml diff --git a/ansible/roles/aodh/templates/aodh.conf.j2 b/ansible/roles/aodh/templates/aodh.conf.j2 index b9c3b08475..607c19e17e 100644 --- a/ansible/roles/aodh/templates/aodh.conf.j2 +++ b/ansible/roles/aodh/templates/aodh.conf.j2 @@ -28,6 +28,7 @@ password = {{ aodh_keystone_password }} auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [oslo_middleware] enable_proxy_headers_parsing = True diff --git a/ansible/roles/barbican/templates/barbican.conf.j2 b/ansible/roles/barbican/templates/barbican.conf.j2 index 62412b21ef..dd285796e5 100644 --- a/ansible/roles/barbican/templates/barbican.conf.j2 +++ b/ansible/roles/barbican/templates/barbican.conf.j2 @@ -64,6 +64,7 @@ password = {{ barbican_keystone_password }} auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/blazar/templates/blazar.conf.j2 b/ansible/roles/blazar/templates/blazar.conf.j2 index 2fdc6adfa6..707e4f70f7 100644 --- a/ansible/roles/blazar/templates/blazar.conf.j2 +++ b/ansible/roles/blazar/templates/blazar.conf.j2 @@ -33,6 +33,7 @@ username = {{ blazar_keystone_user }} password = {{ blazar_keystone_password }} service_token_roles_required = True cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/cinder/templates/cinder.conf.j2 b/ansible/roles/cinder/templates/cinder.conf.j2 index 65bed63b48..e9e99251da 100644 --- a/ansible/roles/cinder/templates/cinder.conf.j2 +++ b/ansible/roles/cinder/templates/cinder.conf.j2 @@ -114,6 +114,7 @@ project_name = service username = {{ cinder_keystone_user }} password = {{ cinder_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/cyborg/templates/cyborg.conf.j2 b/ansible/roles/cyborg/templates/cyborg.conf.j2 index 0b00cc4cc8..ff4a2f7ca0 100644 --- a/ansible/roles/cyborg/templates/cyborg.conf.j2 +++ b/ansible/roles/cyborg/templates/cyborg.conf.j2 @@ -27,6 +27,7 @@ password = {{ cyborg_keystone_password }} auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [placement] auth_type = password diff --git a/ansible/roles/designate/templates/designate.conf.j2 b/ansible/roles/designate/templates/designate.conf.j2 index 67101ef742..faf14ac7eb 100644 --- a/ansible/roles/designate/templates/designate.conf.j2 +++ b/ansible/roles/designate/templates/designate.conf.j2 @@ -30,6 +30,7 @@ password = {{ designate_keystone_password }} http_connect_timeout = 60 service_token_roles_required = True cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/freezer/templates/freezer.conf.j2 b/ansible/roles/freezer/templates/freezer.conf.j2 index 025d56bc4c..b48ec6c864 100644 --- a/ansible/roles/freezer/templates/freezer.conf.j2 +++ b/ansible/roles/freezer/templates/freezer.conf.j2 @@ -31,6 +31,7 @@ project_name = service username = {{ freezer_keystone_user }} password = {{ freezer_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/glance/templates/glance-api.conf.j2 b/ansible/roles/glance/templates/glance-api.conf.j2 index d784df3ca8..2001b921c4 100644 --- a/ansible/roles/glance/templates/glance-api.conf.j2 +++ b/ansible/roles/glance/templates/glance-api.conf.j2 @@ -50,6 +50,7 @@ project_name = service username = {{ glance_keystone_user }} password = {{ glance_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 index 7d4d5122ca..dc645160a5 100644 --- a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 @@ -53,6 +53,7 @@ password = {{ gnocchi_keystone_password }} auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/heat/templates/heat.conf.j2 b/ansible/roles/heat/templates/heat.conf.j2 index 08f32be9ab..a9fe31fdc7 100644 --- a/ansible/roles/heat/templates/heat.conf.j2 +++ b/ansible/roles/heat/templates/heat.conf.j2 @@ -52,6 +52,7 @@ project_name = service username = {{ heat_keystone_user }} password = {{ heat_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/ironic/templates/ironic-inspector.conf.j2 b/ansible/roles/ironic/templates/ironic-inspector.conf.j2 index ac7f62211e..e3d87dfc24 100644 --- a/ansible/roles/ironic/templates/ironic-inspector.conf.j2 +++ b/ansible/roles/ironic/templates/ironic-inspector.conf.j2 @@ -29,6 +29,7 @@ username = {{ ironic_inspector_keystone_user }} password = {{ ironic_inspector_keystone_password }} os_endpoint_type = internalURL cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} {% else %} auth_type = none endpoint_override = {{ ironic_internal_endpoint }} @@ -45,6 +46,7 @@ project_name = service username = {{ ironic_inspector_keystone_user }} password = {{ ironic_inspector_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/magnum/templates/magnum.conf.j2 b/ansible/roles/magnum/templates/magnum.conf.j2 index f1d9742562..06f08c2980 100644 --- a/ansible/roles/magnum/templates/magnum.conf.j2 +++ b/ansible/roles/magnum/templates/magnum.conf.j2 @@ -66,6 +66,7 @@ password = {{ magnum_keystone_password }} username = {{ magnum_keystone_user }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [keystone_authtoken] auth_version = v3 @@ -77,6 +78,7 @@ user_domain_name = {{ default_user_domain_name }} project_name = service username = {{ magnum_keystone_user }} password = {{ magnum_keystone_password }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/manila/templates/manila.conf.j2 b/ansible/roles/manila/templates/manila.conf.j2 index 9bf62cadf7..b9335c648a 100644 --- a/ansible/roles/manila/templates/manila.conf.j2 +++ b/ansible/roles/manila/templates/manila.conf.j2 @@ -40,6 +40,7 @@ project_name = service username = {{ manila_keystone_user }} password = {{ manila_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/mistral/templates/mistral.conf.j2 b/ansible/roles/mistral/templates/mistral.conf.j2 index c784c1105e..af604947b6 100644 --- a/ansible/roles/mistral/templates/mistral.conf.j2 +++ b/ansible/roles/mistral/templates/mistral.conf.j2 @@ -48,6 +48,7 @@ project_name = service username = {{ mistral_keystone_user }} password = {{ mistral_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/monasca/templates/monasca-api/api.conf.j2 b/ansible/roles/monasca/templates/monasca-api/api.conf.j2 index 9233c7ad33..c42716e8bf 100644 --- a/ansible/roles/monasca/templates/monasca-api/api.conf.j2 +++ b/ansible/roles/monasca/templates/monasca-api/api.conf.j2 @@ -44,6 +44,7 @@ username = {{ monasca_keystone_user }} password = {{ monasca_keystone_password }} service_token_roles_required=True cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/murano/templates/murano.conf.j2 b/ansible/roles/murano/templates/murano.conf.j2 index 5b9194a774..64984bca74 100644 --- a/ansible/roles/murano/templates/murano.conf.j2 +++ b/ansible/roles/murano/templates/murano.conf.j2 @@ -30,6 +30,7 @@ project_name = service username = {{ murano_keystone_user }} password = {{ murano_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} @@ -45,6 +46,7 @@ project_name = service username = {{ murano_keystone_user }} password = {{ murano_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [murano] url = {{ murano_internal_endpoint }} @@ -89,6 +91,7 @@ username = {{ murano_keystone_user }} password = {{ murano_keystone_password }} user_domain_name = {{ default_project_domain_name }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} {% endif %} {% endif %} diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 3462bb4d3b..b28496e2fb 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -115,6 +115,7 @@ project_name = service username = {{ neutron_keystone_user }} password = {{ neutron_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} @@ -167,6 +168,7 @@ allow_reverse_dns_lookup = True ipv4_ptr_zone_prefix_size = 24 ipv6_ptr_zone_prefix_size = 116 cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} {% endif %} {% if enable_osprofiler | bool %} @@ -188,6 +190,7 @@ project_domain_name = {{ default_project_domain_name }} os_region_name = {{ openstack_region_name }} os_interface = internal cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [privsep] helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 74540fdac4..c30409f2bb 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -115,6 +115,7 @@ project_name = service username = {{ nova_keystone_user }} password = {{ nova_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/octavia/templates/octavia.conf.j2 b/ansible/roles/octavia/templates/octavia.conf.j2 index 0b581c8675..6190a97f7e 100644 --- a/ansible/roles/octavia/templates/octavia.conf.j2 +++ b/ansible/roles/octavia/templates/octavia.conf.j2 @@ -66,6 +66,7 @@ project_name = service username = {{ octavia_keystone_user }} password = {{ octavia_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/placement/templates/placement.conf.j2 b/ansible/roles/placement/templates/placement.conf.j2 index b8c64321a7..04ca66fa90 100644 --- a/ansible/roles/placement/templates/placement.conf.j2 +++ b/ansible/roles/placement/templates/placement.conf.j2 @@ -44,6 +44,7 @@ project_name = service username = {{ placement_keystone_user }} password = {{ placement_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/sahara/templates/sahara.conf.j2 b/ansible/roles/sahara/templates/sahara.conf.j2 index c982e375e8..67c1288470 100644 --- a/ansible/roles/sahara/templates/sahara.conf.j2 +++ b/ansible/roles/sahara/templates/sahara.conf.j2 @@ -24,6 +24,7 @@ project_domain_name = {{ default_project_domain_name }} username = {{ sahara_keystone_user }} password = {{ sahara_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/senlin/templates/senlin.conf.j2 b/ansible/roles/senlin/templates/senlin.conf.j2 index 5879a8f222..91064bcbac 100644 --- a/ansible/roles/senlin/templates/senlin.conf.j2 +++ b/ansible/roles/senlin/templates/senlin.conf.j2 @@ -52,6 +52,7 @@ username = {{ senlin_keystone_user }} password = {{ senlin_keystone_password }} service_token_roles_required = False cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/solum/templates/solum.conf.j2 b/ansible/roles/solum/templates/solum.conf.j2 index c641b2312c..9af1c31501 100644 --- a/ansible/roles/solum/templates/solum.conf.j2 +++ b/ansible/roles/solum/templates/solum.conf.j2 @@ -57,6 +57,7 @@ project_name = service username = {{ solum_keystone_user }} password = {{ solum_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/tacker/templates/tacker.conf.j2 b/ansible/roles/tacker/templates/tacker.conf.j2 index 4f89287555..dee94b7af7 100644 --- a/ansible/roles/tacker/templates/tacker.conf.j2 +++ b/ansible/roles/tacker/templates/tacker.conf.j2 @@ -41,6 +41,7 @@ project_name = service username = {{ tacker_keystone_user }} password = {{ tacker_keystone_password }} cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/trove/templates/trove.conf.j2 b/ansible/roles/trove/templates/trove.conf.j2 index 4c1232cc2a..e7a2d2f016 100644 --- a/ansible/roles/trove/templates/trove.conf.j2 +++ b/ansible/roles/trove/templates/trove.conf.j2 @@ -59,6 +59,7 @@ password = {{ trove_keystone_password }} auth_url = {{ keystone_admin_url }} auth_type = password cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} [oslo_messaging_notifications] transport_url = {{ notify_transport_url }} diff --git a/ansible/roles/vitrage/templates/vitrage.conf.j2 b/ansible/roles/vitrage/templates/vitrage.conf.j2 index e007c03cd0..3fdaa2f9fb 100644 --- a/ansible/roles/vitrage/templates/vitrage.conf.j2 +++ b/ansible/roles/vitrage/templates/vitrage.conf.j2 @@ -42,6 +42,7 @@ username = {{ vitrage_keystone_user }} password = {{ vitrage_keystone_password }} service_token_roles_required = True cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/ansible/roles/watcher/templates/watcher.conf.j2 b/ansible/roles/watcher/templates/watcher.conf.j2 index 3f655da1dc..467e0b5b06 100644 --- a/ansible/roles/watcher/templates/watcher.conf.j2 +++ b/ansible/roles/watcher/templates/watcher.conf.j2 @@ -29,6 +29,7 @@ username = {{ watcher_keystone_user }} password = {{ watcher_keystone_password }} service_token_roles_required = True cafile = {{ openstack_cacert }} +region_name = {{ openstack_region_name }} memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} diff --git a/releasenotes/notes/bug-1933025-1cb5d64d20d57be7.yaml b/releasenotes/notes/bug-1933025-1cb5d64d20d57be7.yaml new file mode 100644 index 0000000000..ab85f4947c --- /dev/null +++ b/releasenotes/notes/bug-1933025-1cb5d64d20d57be7.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes missing region_name in keystone_auth sections. + See `bug 1933025 + `__ for details.