OpenStack overcloud deployment fails with 'certificate verify failed'

Solution Verified - Updated -

Issue

During the deployment or update of your overcloud, it fails at step 4 with an error like this:

overcloud.AllNodesDeploySteps.ControllerDeployment_Step4.0:
  resource_type: OS::Heat::StructuredDeployment
  physical_resource_id: e7b02491-0000-0000-0000-f8a5e01bb17c
  status: UPDATE_FAILED
  status_reason: |
    Error: resources[0]: Deployment to server failed: deploy_status_code : Deployment exited with non-zero status code: 2
  deploy_stdout: |
    ...
            "+ exit 1",
            "2020-09-10 11:08:47,514 INFO: 227264 -- Finished processing puppet configs for cinder_init_tasks",
            "2020-09-10 11:08:47,515 ERROR: 227152 -- ERROR configuring cinder_init_tasks"
        ]
    }
        to retry, use: --limit @/var/lib/heat-config/heat-config-ansible/f176e151-09fa-49f9-ba43-c151fdc507e7_playbook.retry

    PLAY RECAP *********************************************************************
    localhost                  : ok=16   changed=8    unreachable=0    failed=1

    (truncated, view all with --long)
  deploy_stderr: |

When you look at the output of 'openstack stack failures list overcloud --long' you see the following:

            "Error: Failed to apply catalog: Execution of '/usr/bin/openstack volume type list --quiet --format csv --long' returned 1: SSL exception connecting to https://url.tld:13776/v2/5a7d4788ded74abda0993ade79ce0569/types?is_public=None: (\"bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)\",) (tried 31, for a total of 170 seconds)",
            "+ rc=1",
            "+ set -e",
            "+ '[' 1 -ne 2 -a 1 -ne 0 ']'",
            "+ exit 1",
            "2020-09-10 11:08:47,514 INFO: 227264 -- Finished processing puppet configs for cinder_init_tasks",
            "2020-09-10 11:08:47,515 ERROR: 227152 -- ERROR configuring cinder_init_tasks"
        ]
    }
        to retry, use: --limit @/var/lib/heat-config/heat-config-ansible/f176e151-09fa-49f9-ba43-c151fdc507e7_playbook.retry

    PLAY RECAP *********************************************************************
    localhost                  : ok=16   changed=8    unreachable=0    failed=1

  deploy_stderr: |

Environment

  • Red Hat OpenStack Platform

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content