8389140f05
Steps to reproduce: * Deploy a cloud * Add another controller to the inventory * Deploy to the new controller using --limit: kolla-ansible deploy --limit new-controller Expected results: The new controller uses the cluster's existing fernet keys. Actual results: New fernet keys are generated on the new controller, and pushed out to the existing controllers. This invalidates tokens created from those keys. This change prevents the above scenario from happening, by failing the deployment if there are no hosts with existing Ferney keys to distribute, and not all Keystone hosts are in the target host list. Closes-Bug: #1891364 Change-Id: If0c0e038b77fc010a3a017f9841a674d53b16457
8 lines
297 B
YAML
8 lines
297 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Prevents adding a new Keystone host to an existing cluster when not
|
|
targeting all Keystone hosts (e.g. due to ``--limit`` or ``--serial``
|
|
arguments), to avoid overwriting existing Fernet keys. `LP#1891364
|
|
<https://bugs.launchpad.net/kolla-ansible/+bug/1891364>`__
|