kolla

  1. Bug #1624457
  2. Comment #14

Comment 14 for bug 1624457

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla (stable/ocata)

Reviewed: https://review.openstack.org/440672
Committed: https://git.openstack.org/cgit/openstack/kolla/commit/?id=9ec3d110078d571068325e1f198745a6ae78f633
Submitter: Jenkins
Branch: stable/ocata

commit 9ec3d110078d571068325e1f198745a6ae78f633
Author: Mark Goddard <email address hidden>
Date: Wed Feb 22 02:23:05 2017 +0000

    Fix binary ironic-inspector rootwrap configuration

    When built with the binary install type (at least on CentOS), Ironic
    inspector fails to start and the container remains in a restarting
    state. The log file shows that it is failing to execute iptables, and
    analysis found that this was due to an incorrect rootwrap
    configuration. The RDO ironic inspector RPM expects Ironic inspector
    to be run as the ironic-inspector user, however Kolla uses the ironic
    user. This means that neither of the packaged ironic nor
    ironic-inspector sudoers configuration files works for us.

    Kolla currently installs a sudoers file pointing to the rootwrap
    script in the virtualenv of the source install, but of course this
    only makes sense for source installs, and should not be installed for
    binary installs.

    This change adds a second sudoers file that will work for the binary
    install type, and installs the correct sudoers file for the install
    type.

    Change-Id: I8ecd0b658b8df8f38ddf717fa9443d4dc2896984
    Closes-Bug: #1624457
    (cherry picked from commit 5752c7eb0b1f9c5978dd4e9271ded346cea231e0)