From bc570e74f210ad6226e8fbb5fbebbfee0801f3c4 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Thu, 28 Nov 2019 15:30:12 +0100 Subject: [PATCH] Make sure role_networks is used from current processed node When e.g. ceph storage role is used and a ceph storage node is the first node to run on during deployment [1] the facts get set using this host. As a result role_networks [2] will always only contain Storage and StorageMgmt : TASK [tripleo-ssh-known-hosts : Set ssh_known_hosts fact] ****************************************************************************** Thursday 28 November 2019 14:16:00 +0000 (0:00:00.747) 0:00:13.681 ***** ok: [ceph-0] Therefore all nodes will only get additional hostnames set in the ssh_known_hosts file for the Storage and StorageMgmt network even if the they don't have this network in their role, like the compute [4] StorageMgmt: [192.168.24.42]*,[compute-0.redhat.local]*,[compute-0]*,[172.17.3.29]*,[compute-0.storage]*,[compute-0.storage.redhat.local]*,[192.168.24.8]*,[compute-0.storagemgmt]*,[compute-0.storagemgmt.redhat.local]*, ssh-rsa In such a situation live migration is broken due to host key verification failure [1] https://github.com/openstack/tripleo-ansible/blob/master/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml#L47 [2] https://github.com/openstack/tripleo-ansible/blob/master/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml#L54 [3] https://github.com/openstack/tripleo-heat-templates/blob/master/roles/CephStorage.yaml#L7-L11 [4] https://github.com/openstack/tripleo-heat-templates/blob/master/roles/Compute.yaml#L11-L17 Change-Id: I2491ccd9f1bbe1d9cd2848301956803c5935a6f3 Closes-Bug: #1854368 --- tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml b/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml index ef9066d32..9c1b40cf5 100644 --- a/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml +++ b/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml @@ -49,9 +49,9 @@ ssh_known_hosts_lines: |- {%- for host in groups['overcloud'] | intersect(play_hosts) %} [{{ ctlplane_ip }}]*,[{{ host }}.{{ cloud_domain }}]*,[{{ host }}]* - {%- if enabled_networks | length > 0 and role_networks and role_networks | length > 0 %}, + {%- if enabled_networks | length > 0 and hostvars[host]['role_networks'] is defined and hostvars[host]['role_networks'] | length > 0 %}, {%- for network in enabled_networks %} - {%- if network in role_networks %} + {%- if network in hostvars[host]['role_networks'] %} [{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ network.lower() }}]*,{% if 1 %}{% endif %} [{{ host }}.{{ network.lower() }}.{{ cloud_domain }}]*{% if not loop.last %},{% endif %} {%- endif -%}