puppet-neutron

puppet-neutron duplicates auth information in neutron.conf and api-paste.ini

Bug #1513532 reported by Javier Peña
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet-neutron
Fix Released
Undecided
Unassigned

Bug Description

When puppet-neutron is configuring a Neutron server, it is duplicating auth information in neutron.conf and api-paste.ini, for example:

      neutron_config {
        'keystone_authtoken/admin_tenant_name': value => $auth_tenant;
        'keystone_authtoken/admin_user': value => $auth_user;
        'keystone_authtoken/admin_password': value => $auth_password, secret => true;
      }

      neutron_api_config {
        'filter:authtoken/admin_tenant_name': value => $auth_tenant;
        'filter:authtoken/admin_user': value => $auth_user;
        'filter:authtoken/admin_password': value => $auth_password, secret => true;
      }

Some distros (e.g. RDO) do not even ship /etc/neutron/api-paste.ini, but /usr/share/neutron/api-paste.ini, and this file is not meant to be modified by the operator. In those cases, the file is created using default permissions, which is not a good idea.

If no distro requires configuring api-paste.ini, I would propose removing all instances of neutron_api_config when they are duplicating information already present in neutron.conf.

shravya Gaddam (shravya-g90)
Changed in puppet-neutron:
assignee: nobody → shravya Gaddam (shravya-g90)
Revision history for this message
shravya Gaddam (shravya-g90) wrote :

Can i just remove the file path in neutron_api_config in puppet trove ?

Please let me know.

Thanks

Revision history for this message
Javier Peña (jpena-c) wrote :

I cannot see any neutron_api_config in puppet-trove. If you mean puppet-neutron, I would remove all neutron_api_config entries when they are duplicating an entry in neutron_config.

narasimha18sv (narasimha18sv)
Changed in puppet-neutron:
assignee: shravya Gaddam (shravya-g90) → narasimha18sv (narasimha18sv)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/267420

Changed in puppet-neutron:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/279014

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on puppet-neutron (master)

Change abandoned by narasimha18sv (<email address hidden>) on branch: master
Review: https://review.openstack.org/267420
Reason: Merge Conflicts in the Branch I have pushed in my local repo

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by Alex Schultz (<email address hidden>) on branch: master
Review: https://review.openstack.org/279014
Reason: This review is > 4 weeks without comment or failed Jenkins or merge conflict the last time it was checked. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and leaving a 'recheck' comment to get fresh test results.

Revision history for this message
Takashi Kajinami (kajinamit) wrote :

This was fix in a paste release so I'll close this now.

Changed in puppet-neutron:
status: In Progress → Fix Released
assignee: narasimha18sv (narasimha18sv) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.