From: Feng Pan Date: Sat, 10 Mar 2018 16:02:36 +0000 (+0000) Subject: Merge "Fixes ceph key import failures" X-Git-Tag: opnfv-6.0.0~21 X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=484b7f421f8c520e45aa8cf9d9d9304132a79b4a;hp=8a60d332f17967dfa861e1e8644d16eb3eab2346;p=apex.git Merge "Fixes ceph key import failures" --- diff --git a/build/overcloud-full.sh b/build/overcloud-full.sh index 7ed57d00..a4006c4a 100755 --- a/build/overcloud-full.sh +++ b/build/overcloud-full.sh @@ -145,6 +145,8 @@ LIBGUESTFS_BACKEND=direct $VIRT_CUSTOMIZE \ --install python-etcd,puppet-etcd \ --install patch \ --install docker,kubelet,kubeadm,kubectl,kubernetes-cni \ + --upload ${BUILD_ROOT}/patches/puppet-ceph.patch:/etc/puppet/modules/ceph/ \ + --run-command "cd /etc/puppet/modules/ceph && patch -p1 < puppet-ceph.patch" \ -a overcloud-full_build.qcow2 # upload and install barometer packages diff --git a/build/patches/puppet-ceph.patch b/build/patches/puppet-ceph.patch new file mode 100644 index 00000000..18bf9ee4 --- /dev/null +++ b/build/patches/puppet-ceph.patch @@ -0,0 +1,76 @@ +From 99a0bcc818ed801f6cb9e07a9904ee40e624bdab Mon Sep 17 00:00:00 2001 +From: Tim Rozet +Date: Mon, 5 Mar 2018 17:03:00 -0500 +Subject: [PATCH] Fixes ceph key import failures by adding multiple attempts + +Signed-off-by: Tim Rozet +--- + manifests/key.pp | 42 +++++++++++++++++------------------------- + 1 file changed, 17 insertions(+), 25 deletions(-) + +diff --git a/manifests/key.pp b/manifests/key.pp +index 911df1a..d47a4c3 100644 +--- a/manifests/key.pp ++++ b/manifests/key.pp +@@ -123,22 +123,6 @@ define ceph::key ( + } + } + +- # ceph-authtool --add-key is idempotent, will just update pre-existing keys +- exec { "ceph-key-${name}": +- command => "/bin/true # comment to satisfy puppet syntax requirements +-set -ex +-ceph-authtool ${keyring_path} --name '${name}' --add-key '${secret}' ${caps}", +- unless => "/bin/true # comment to satisfy puppet syntax requirements +-set -x +-NEW_KEYRING=\$(mktemp) +-ceph-authtool \$NEW_KEYRING --name '${name}' --add-key '${secret}' ${caps} +-diff -N \$NEW_KEYRING ${keyring_path} +-rv=\$? +-rm \$NEW_KEYRING +-exit \$rv", +- require => [ File[$keyring_path], ], +- logoutput => true, +- } + + if $inject { + +@@ -162,18 +146,26 @@ exit \$rv", + exec { "ceph-injectkey-${name}": + command => "/bin/true # comment to satisfy puppet syntax requirements + set -ex ++cat ${keyring_path} ++ceph-authtool ${keyring_path} --name '${name}' --add-key '${secret}' ${caps} ++cat ${keyring_path} + ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth import -i ${keyring_path}", +- unless => "/bin/true # comment to satisfy puppet syntax requirements +-set -x +-OLD_KEYRING=\$(mktemp) +-ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth get ${name} -o \$OLD_KEYRING || true +-diff -N \$OLD_KEYRING ${keyring_path} +-rv=$? +-rm \$OLD_KEYRING +-exit \$rv", +- require => [ Class['ceph'], Exec["ceph-key-${name}"], ], ++ require => [ File[$keyring_path], Class['ceph'] ], + logoutput => true, ++ tries => 6, ++ try_sleep => 10 + } + ++ } else { ++ ++ # ceph-authtool --add-key is idempotent, will just update pre-existing keys ++ exec { "ceph-key-${name}": ++ command => "/bin/true # comment to satisfy puppet syntax requirements ++set -ex ++ceph-authtool ${keyring_path} --name '${name}' --add-key '${secret}' ${caps} ++cat ${keyring_path}", ++ require => [ File[$keyring_path], ], ++ logoutput => true, ++ } + } + } +-- +2.14.3 +