search

openstack-k8s-operators / edpm-ansible

External Dataplane Management Ansible Playbooks
https://openstack-k8s-operators.github.io/edpm-ansible/
Apache License 2.0
9 stars 65 forks source link

Fix qemu cert path and permissions #612

Closed olliewalsh closed 5 months ago

olliewalsh commented 5 months ago

Qemu is expecting the ca cert to be in a single dir and root:qemu 0640

https://docs.openstack.org/nova/latest/admin/secure-live-migration-with-qemu-native-tls.html#other-tls-environment-related-checks-on-compute-nodes

Client cert is not valid right now so disable mTLS until this is fixed.

Also remove unnecessary edpm_libvirt_tls_ca_src_dir var.

openshift-ci[bot] commented 5 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olliewalsh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openstack-k8s-operators/edpm-ansible/blob/main/OWNERS)~~ [olliewalsh] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
softwarefactory-project-zuul[bot] commented 5 months ago

Build failed (check pipeline). Post recheck (without leading slash) to rerun all jobs. Make sure the failure cause has been resolved before you rerun jobs.

https://review.rdoproject.org/zuul/buildset/6ec2006caad34bbcbb63aafa8225f2f6

:heavy_check_mark: openstack-k8s-operators-content-provider SUCCESS in 2h 41m 57s :heavy_check_mark: podified-multinode-edpm-deployment-crc SUCCESS in 1h 38m 00s :heavy_check_mark: cifmw-crc-podified-edpm-baremetal SUCCESS in 1h 43m 57s :heavy_check_mark: edpm-ansible-molecule-edpm_bootstrap SUCCESS in 8m 48s :heavy_check_mark: edpm-ansible-molecule-edpm_podman SUCCESS in 8m 08s :heavy_check_mark: edpm-ansible-molecule-edpm_module_load SUCCESS in 4m 01s :heavy_check_mark: edpm-ansible-molecule-edpm_kernel SUCCESS in 11m 23s :x: edpm-ansible-molecule-edpm_libvirt FAILURE in 13m 32s :heavy_check_mark: edpm-ansible-molecule-edpm_nova SUCCESS in 20m 23s :heavy_check_mark: edpm-ansible-molecule-edpm_frr SUCCESS in 9m 34s :heavy_check_mark: edpm-ansible-molecule-edpm_iscsid SUCCESS in 4m 01s :heavy_check_mark: edpm-ansible-molecule-edpm_ovn_bgp_agent SUCCESS in 13m 46s :heavy_check_mark: edpm-ansible-molecule-edpm_ovs SUCCESS in 9m 22s

olliewalsh commented 5 months ago

/hold

olliewalsh commented 5 months ago

Hold until https://github.com/openstack-k8s-operators/openstack-operator/pull/727 tempest succeeds

openshift-merge-robot commented 5 months ago

PR needs rebase.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
olliewalsh commented 5 months ago

Merged into https://github.com/openstack-k8s-operators/edpm-ansible/pull/626