openstack/kolla-ansible
Code Issues Proposed changes
e003898ffd
kolla-ansible/ansible/roles/keystone/templates/fernet-rotate.sh.j2
Michal Nasiadka 0799782ce8 Fix keystone fernet bootstrap 
There are cases when a multinode deployment ends up in unusable
keystone public wsgi on some nodes.

The root cause is that keystone public wsgi doesn't find fernet
keys on startup - and then persists on sending 500 errors to any
requests - due to a race condition between
fernet_setup/fernet-push.sh and keystone startup.

Depends-On: https://review.opendev.org/703742/
Change-Id: I63709c2e3f6a893db82a05640da78f492bf8440f
Closes-Bug: #1846789
2020-02-03 13:41:11 +01:00

9 lines
224 B
Django/Jinja
Raw Blame History

#!/bin/bash
set -o errexit
set -o pipefail
keystone-manage --config-file /etc/keystone/keystone.conf fernet_rotate --keystone-user {{ keystone_username }} --keystone-group {{ keystone_groupname }}
/usr/bin/fernet-push.sh
View Git Blame Copy Permalink