tls-everywhere-* validations fail for undercloud node if TLS everywhere is not configured

Solution Verified - Updated -

Issue

tls-everywhere-pre-deployment and tls-everywhere-post-deployment fail for undercloud node if TLS everywhere is not used:

{
    "task": {
        "hosts": {
            "undercloud": {
                "_ansible_no_log": false,
                "action": "command",
                "changed": false,
                "cmd": [
                    "ping",
                    "-c",
                    "3",
                    "ipa-ca"
                ],
                "delta": "0:00:00.008469",
                "end": "2020-10-07 09:05:09.867576",
                "failed": true,
                "invocation": {
                    "module_args": {
                        "_raw_params": "ping -c 3 ipa-ca",
                        "_uses_shell": false,
                        "argv": null,
                        "chdir": null,
                        "creates": null,
                        "executable": null,
                        "removes": null,
                        "stdin": null,
                        "stdin_add_newline": true,
                        "strip_empty_ends": true,
                        "warn": true
                    }
                },
                "msg": "non-zero return code",
                "rc": 2,
                "start": "2020-10-07 09:05:09.859107",
                "stderr": "ping: ipa-ca: Name or service not known",
                "stderr_lines": [
                    "ping: ipa-ca: Name or service not known"
                ],
                "stdout": "",
                "stdout_lines": []
            }
        },
        "name": "Try to ping ipa-ca",
        "status": "FAILED"
    }
}
{
    "task": {
        "hosts": {
            "undercloud": {
                "_ansible_no_log": false,
                "action": "reportentry",
                "changed": false,
                "failed": true,
                "invocation": {
                    "module_args": {
                        "report_reason": "DNS is NOT configured correctly",
                        "report_recommendations": [
                            "Check that the DNS server for this node points to IdM/FreeIPA",
                            "For the undercloud, you need to set the 'undercloud_nameservers' configuration parameter",
                            "For the overcloud, you need to set the 'DnsServers' parameter",
                            "Make sure that the relevant 'search' entry is in /etc/resolv.conf"
                        ],
                        "report_status": "ERROR"
                    }
                },
                "msg": "[ERROR] 'DNS is NOT configured correctly'\n - RECOMMENDATION: Check that the DNS server for this node points to IdM/FreeIPA\n - RECOMMENDATION: For the undercloud, you need to set the 'undercloud_nameservers' configuration parameter\n - RECOMMENDATION: For the overcloud, you need to set the 'DnsServers' parameter\n - RECOMMENDATION: Make sure that the relevant 'search' entry is in /etc/resolv.conf\n"
            }
        },
        "name": "DNS check",
        "status": "FAILED"
    }
}

Environment

  • Red Hat OpenStack Platform 16.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content