Bug #1850634 “queens regresion: _dn_to_id() not using utf8_encod...” : Bugs : OpenStack Identity (keystone)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-10-30: Fix proposed to keystone (stable/queens)

#1

Fix proposed to branch: stable/queens
Review: https://review.opendev.org/692128

Corey Bryant (corey.bryant) on 2019-10-30

Changed in keystone (Ubuntu):
status:	New → Invalid
Changed in keystone (Ubuntu Bionic):
status:	New → Triaged
importance:	Undecided → High
Changed in cloud-archive:
status:	New → Invalid
Changed in keystone (Ubuntu Bionic):
assignee:	nobody → Corey Bryant (corey.bryant)

Corey Bryant (corey.bryant) on 2019-10-30

description:	updated
summary:	- stable/queens regresion - _dn_to_id() should still be using - utf8_encode/utf8_decode in queens + queens regresion - _dn_to_id() not using utf8_encode/utf8_decode
summary:	- queens regresion - _dn_to_id() not using utf8_encode/utf8_decode + queens regresion: _dn_to_id() not using utf8_encode/utf8_decode
summary:	- queens regresion: _dn_to_id() not using utf8_encode/utf8_decode + queens regresion: _dn_to_id() not using utf8_encode/decode

Gage Hugo (gagehugo) on 2019-10-30

Changed in keystone:
status:	New → Triaged
importance:	Undecided → Low
milestone:	none → ussuri-1
assignee:	nobody → Corey Bryant (corey.bryant)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-10-31: Fix merged to keystone (stable/queens)

#2

Reviewed: https://review.opendev.org/692128
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=e8b04cc4265d672214da50b99ead8c4f8cc49aa2
Submitter: Zuul
Branch: stable/queens

commit e8b04cc4265d672214da50b99ead8c4f8cc49aa2
Author: Corey Bryant <email address hidden>
Date: Wed Oct 30 08:49:24 2019 -0400

Revert "Fix python3 compatibility on LDAP search DN from id"

    This reverts commit 79ed42ee67915383242541329dd5aa186f087ff2,
    which shouldn't have been backported to stable/queens because the
    following patch, which switched to bytes_mode=False, doesn't exist
    in stable/queens: https://review.opendev.org/#/c/613648/.

Change-Id: I3c0fe74559f1bbf66f717fbaeb1e1dd435e7eb2c
Closes-Bug: #1850634

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-10-31: Fix included in openstack/keystone 13.0.4

#3

This issue was fixed in the openstack/keystone 13.0.4 release.

Mathew Hodson (mhodson) on 2019-11-02

tags:

added: bionic regression-proposed

Revision history for this message

Timo Aaltonen (tjaalton) wrote on 2019-11-22: Please test proposed package

#4

Hello Corey, or anyone else affected,

Accepted keystone into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/keystone/2:13.0.2-0ubuntu3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in keystone (Ubuntu Bionic):
status:	Triaged → Fix Committed
tags:	added: verification-needed verification-needed-bionic

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2019-11-22:

#5

This fix was released upstream in queens 13.0.4

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2019-12-13:

#6

Hello Corey, or anyone else affected,

Accepted keystone into queens-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

sudo add-apt-repository cloud-archive:queens-proposed
sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-queens-needed to verification-queens-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-queens-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags:

added: verification-queens-needed

Revision history for this message

Felipe Reyes (freyes) wrote on 2020-01-13:

#7

Download full text (34.4 KiB)

I went through the test case using the package available in -proposed and everything worked fine, no regressions were detected when using keystone neither.

Here it's the journal of my testing.

$ time tox -e func-smoke
func-smoke installed: DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support,amulet==1.21.0,aodhclient==1.5.0,appdirs==1.4.3,Babel==2.8.0,backports.os==0.1.1,blessings==1.6,bundletester==0.12.2,certifi==2019.11.28,cffi==1.13.2,chardet==3.0.4,charm-tools==2.7.2,charmhelpers==0.20.7,Cheetah3==3.2.4,cliff==2.18.0,cmd2==0.8.9,colander==1.7.0,configparser==4.0.2,contextlib2==0.6.0.post1,coverage==5.0.3,cryptography==2.8,debtcollector==1.22.0,decorator==4.4.1,dict2colander==0.2,distro==1.4.0,distro-info==0.0.0,dogpile.cache==0.9.0,entrypoints==0.3,enum34==1.1.6,extras==1.0.0,fasteners==0.15,fixtures==3.0.0,flake8==2.4.1,funcsigs==1.0.2,functools32==3.2.3.post2,future==0.18.2,futures==3.3.0,futurist==1.10.0,gnocchiclient==3.1.1,httplib2==0.15.0,idna==2.8,importlib-metadata==1.4.0,ipaddress==1.0.23,iso8601==0.1.12,Jinja2==2.10.3,jmespath==0.9.4,jsonpatch==1.24,jsonpointer==2.0,jsonschema==2.5.1,juju-deployer==0.11.0,juju-wait==2.5.0,jujubundlelib==0.5.6,jujuclient==0.54.0,keyring==18.0.1,keystoneauth1==3.18.0,launchpadlib==1.10.9,lazr.authentication==0.1.3,lazr.restfulclient==0.14.2,lazr.uri==1.0.3,libcharmstore==0.0.9,linecache2==1.0.0,macaroonbakery==1.2.3,MarkupSafe==1.1.1,mccabe==0.3.1,mock==3.0.5,monotonic==1.5,more-itertools==5.0.0,msgpack==0.6.2,munch==2.5.0,netaddr==0.7.19,netifaces==0.10.9,nose==1.3.7,oauth==1.0.1,oauthlib==3.1.0,openstacksdk==0.39.0,os-client-config==2.0.0,os-service-types==1.7.0,osc-lib==1.15.0,oslo.concurrency==3.31.0,oslo.config==7.0.0,oslo.context==2.23.0,oslo.i18n==3.25.1,oslo.log==3.45.2,oslo.serialization==2.29.2,oslo.utils==3.42.1,osprofiler==2.9.0,otherstuf==1.1.0,parse==1.14.0,path.py==11.5.2,pathlib2==2.3.5,pathspec==0.3.4,pbr==5.4.4,pep8==1.7.1,pika==0.13.1,pkg-resources==0.0.0,prettytable==0.7.2,protobuf==3.11.2,pycparser==2.19,pyflakes==0.8.1,pyinotify==0.9.6,pymacaroons==0.13.0,PyNaCl==1.3.0,pyOpenSSL==19.1.0,pyparsing==2.4.6,pyperclip==1.7.0,pyRFC3339==1.1,python-barbicanclient==4.9.0,python-ceilometerclient==2.9.0,python-cinderclient==4.3.0,python-dateutil==2.8.1,python-designateclient==3.0.0,python-glanceclient==2.17.0,python-heatclient==1.18.0,python-keystoneclient==3.22.0,python-manilaclient==1.29.0,python-mimeparse==1.6.0,python-neutronclient==6.14.0,python-novaclient==16.0.0,python-openstackclient==4.0.0,python-subunit==1.3.0,python-swiftclient==3.8.1,pytz==2019.3,pyudev==0.21.0,PyYAML==3.13,requests==2.22.0,requestsexceptions==1.4.0,rfc3986==1.3.2,ruamel.ordereddict==0.4.14,ruamel.yaml==0.15.100,scandir==1.10.0,SecretStorage==2.3.1,simplejson==3.17.0,six==1.13.0,stestr==2.6.0,stevedore==1.31.0,stuf==0.9.16,subprocess32==3.5.4,Tempita==0.5.2,testresources==2.0.1,testtools==2.3.0,theblues==0.5.2,t...

I went through the test case using the package available in -proposed and everything worked fine, no regressions were detected when using keystone neither.

Here it's the journal of my testing.

$  time tox -e func-smoke
func-smoke installed: DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support,amulet==1.21.0,aodhclient==1.5.0,appdirs==1.4.3,Babel==2.8.0,backports.os==0.1.1,blessings==1.6,bundletester==0.12.2,certifi==2019.11.28,cffi==1.13.2,chardet==3.0.4,charm-tools==2.7.2,charmhelpers==0.20.7,Cheetah3==3.2.4,cliff==2.18.0,cmd2==0.8.9,colander==1.7.0,configparser==4.0.2,contextlib2==0.6.0.post1,coverage==5.0.3,cryptography==2.8,debtcollector==1.22.0,decorator==4.4.1,dict2colander==0.2,distro==1.4.0,distro-info==0.0.0,dogpile.cache==0.9.0,entrypoints==0.3,enum34==1.1.6,extras==1.0.0,fasteners==0.15,fixtures==3.0.0,flake8==2.4.1,funcsigs==1.0.2,functools32==3.2.3.post2,future==0.18.2,futures==3.3.0,futurist==1.10.0,gnocchiclient==3.1.1,httplib2==0.15.0,idna==2.8,importlib-metadata==1.4.0,ipaddress==1.0.23,iso8601==0.1.12,Jinja2==2.10.3,jmespath==0.9.4,jsonpatch==1.24,jsonpointer==2.0,jsonschema==2.5.1,juju-deployer==0.11.0,juju-wait==2.5.0,jujubundlelib==0.5.6,jujuclient==0.54.0,keyring==18.0.1,keystoneauth1==3.18.0,launchpadlib==1.10.9,lazr.authentication==0.1.3,lazr.restfulclient==0.14.2,lazr.uri==1.0.3,libcharmstore==0.0.9,linecache2==1.0.0,macaroonbakery==1.2.3,MarkupSafe==1.1.1,mccabe==0.3.1,mock==3.0.5,monotonic==1.5,more-itertools==5.0.0,msgpack==0.6.2,munch==2.5.0,netaddr==0.7.19,netifaces==0.10.9,nose==1.3.7,oauth==1.0.1,oauthlib==3.1.0,openstacksdk==0.39.0,os-client-config==2.0.0,os-service-types==1.7.0,osc-lib==1.15.0,oslo.concurrency==3.31.0,oslo.config==7.0.0,oslo.context==2.23.0,oslo.i18n==3.25.1,oslo.log==3.45.2,oslo.serialization==2.29.2,oslo.utils==3.42.1,osprofiler==2.9.0,otherstuf==1.1.0,parse==1.14.0,path.py==11.5.2,pathlib2==2.3.5,pathspec==0.3.4,pbr==5.4.4,pep8==1.7.1,pika==0.13.1,pkg-resources==0.0.0,prettytable==0.7.2,protobuf==3.11.2,pycparser==2.19,pyflakes==0.8.1,pyinotify==0.9.6,pymacaroons==0.13.0,PyNaCl==1.3.0,pyOpenSSL==19.1.0,pyparsing==2.4.6,pyperclip==1.7.0,pyRFC3339==1.1,python-barbicanclient==4.9.0,python-ceilometerclient==2.9.0,python-cinderclient==4.3.0,python-dateutil==2.8.1,python-designateclient==3.0.0,python-glanceclient==2.17.0,python-heatclient==1.18.0,python-keystoneclient==3.22.0,python-manilaclient==1.29.0,python-mimeparse==1.6.0,python-neutronclient==6.14.0,python-novaclient==16.0.0,python-openstackclient==4.0.0,python-subunit==1.3.0,python-swiftclient==3.8.1,pytz==2019.3,pyudev==0.21.0,PyYAML==3.13,requests==2.22.0,requestsexceptions==1.4.0,rfc3986==1.3.2,ruamel.ordereddict==0.4.14,ruamel.yaml==0.15.100,scandir==1.10.0,SecretStorage==2.3.1,simplejson==3.17.0,six==1.13.0,stestr==2.6.0,stevedore==1.31.0,stuf==0.9.16,subprocess32==3.5.4,Tempita==0.5.2,testresources==2.0.1,testtools==2.3.0,theblues==0.5.2,traceback2==1.4.0,translationstring==1.3,unicodecsv==0.14.1,unittest2==1.1.0,urllib3==1.25.7,vergit==1.0.2,virtualenv==16.7.9,voluptuous==0.11.7,wadllib==1.3.3,warlock==1.3.3,wcwidth==0.1.8,WebOb==1.8.5,websocket-client==0.40.0,wrapt==1.11.2,wsgi-intercept==1.9.1,zipp==0.6.0,zope.interface==4.7.1
func-smoke run-test-pre: PYTHONHASHSEED='0'
func-smoke runtests: commands[0] | bundletester -vl DEBUG -r json -o func-results.json gate-basic-bionic-queens --no-destroy
DEBUG:bundletester.utils:Updating JUJU_MODEL: "" -> "stsstack-stsstack:admin/lp1850634"
DEBUG:root:Bootstrap environment: stsstack-stsstack:admin/lp1850634
DEBUG:deployer.env:Connecting to stsstack-stsstack:admin/lp1850634...
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/8a5aca16-9818-419d-8c01-0839c05d5897/api
DEBUG:deployer.env:Connected.
DEBUG:deployer.env: Destroying application keystone-ldap
DEBUG:deployer.env: Destroying application keystone
DEBUG:deployer.env: Destroying application ldap-server
DEBUG:deployer.env: Destroying application percona-cluster
DEBUG:deployer.env:  No unit errors found.
DEBUG:deployer.env: Terminating machines forcefully
DEBUG:deployer.env:  Terminating machine 0
DEBUG:deployer.env:  Terminating machine 1
DEBUG:deployer.env:  Terminating machine 2
INFO:deployer.env:  Waiting for machine termination
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/8a5aca16-9818-419d-8c01-0839c05d5897/api
DEBUG:root:Waiting for applications to be removed...
DEBUG:root: Remaining applications: [u'percona-cluster']
DEBUG:runner:call ['/home/freyes/Projects/charms/openstack/builds/keystone-ldap/.tox/func-smoke/bin/charm-proof'] (cwd: /tmp/bundletester-ogQiBL/keystone-ldap)
DEBUG:runner:I: `display-name` not provided, add for custom naming in the UI
DEBUG:runner:I: config.yaml: option ssl_key has no default value
DEBUG:runner:I: config.yaml: option ssl_cert has no default value
DEBUG:runner:I: config.yaml: option ldap-user has no default value
DEBUG:runner:I: config.yaml: option ldap-server has no default value
DEBUG:runner:I: config.yaml: option ssl_ca has no default value
DEBUG:runner:I: config.yaml: option ldap-password has no default value
DEBUG:runner:I: config.yaml: option domain-name has no default value
DEBUG:runner:I: config.yaml: option ldap-suffix has no default value
DEBUG:runner:I: config.yaml: option ldap-config-flags has no default value
DEBUG:runner:I: config.yaml: option tls-ca-ldap has no default value
DEBUG:runner:Exit Code: 0
DEBUG:deployer.env: Terminating machines forcefully
INFO:deployer.env:  Waiting for machine termination
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/8a5aca16-9818-419d-8c01-0839c05d5897/api
DEBUG:root:Waiting for applications to be removed...
DEBUG:runner:call ['/tmp/bundletester-ogQiBL/keystone-ldap/tests/gate-basic-bionic-queens'] (cwd: /tmp/bundletester-ogQiBL/keystone-ldap)
DEBUG:runner:2020-01-13 12:35:09,309 __init__ INFO: OpenStackAmuletDeployment:  init
DEBUG:runner:2020-01-13 12:35:09,309 _add_services INFO: OpenStackAmuletDeployment:  adding services
DEBUG:runner:2020-01-13 12:35:09,309 _determine_branch_locations INFO: OpenStackAmuletDeployment:  determine branch locations
DEBUG:runner:2020-01-13 12:35:12 Starting deployment of stsstack-stsstack:admin/lp1850634
DEBUG:runner:2020-01-13 12:35:14 Deploying applications...
DEBUG:runner:2020-01-13 12:35:14  Deploying application keystone using cs:~openstack-charmers-next/keystone-472
DEBUG:runner:2020-01-13 12:35:22  Deploying application keystone-ldap using /tmp/charm8Ghyrt/bionic/keystone-ldap
DEBUG:runner:2020-01-13 12:36:12  Deploying application ldap-server using /tmp/charmXCNist/bionic/charm-ldap-test-fixture
DEBUG:runner:2020-01-13 12:36:20  Deploying application percona-cluster using cs:~openstack-charmers-next/percona-cluster-358
DEBUG:runner:2020-01-13 12:36:32 Config specifies num units for subordinate: keystone-ldap
DEBUG:runner:2020-01-13 13:09:00 Adding relations...
DEBUG:runner:2020-01-13 13:09:00  Adding relation keystone:shared-db <-> percona-cluster:shared-db
DEBUG:runner:2020-01-13 13:09:10  Adding relation keystone:domain-backend <-> keystone-ldap:domain-backend
DEBUG:runner:2020-01-13 13:14:42 Deployment complete in 2370.27 seconds
...
 ~  $  juju ssh keystone/1 sudo su -
root@juju-5d5897-lp1850634-3:~# vim /etc/keystone/domains/keystone.userdomain.conf
root@juju-5d5897-lp1850634-3:~# cat /etc/keystone/domains/keystone.userdomain.conf
[ldap]
url = ldap://10.5.0.10
user = cn=admin,dc=test,dc=com
password = crapper
suffix = dc=test,dc=com

user_allow_create = False
user_allow_update = False
user_allow_delete = False

group_allow_create = False
group_allow_update = False
group_allow_delete = False

# Upstream release note for more context:
# Fixed the problem where Keystone indiscriminately return the first RDN
# as the user ID, regardless whether it matches the configured
# 'user_id_attribute' or not. This will break deployments where
# 'group_members_are_ids' are set to False and 'user_id_attribute' is not
# in the DN. This patch will perform a lookup by DN if the first RND does
# not match the configured 'user_id_attribute'.

###### Test scenario 1 (exercises else path in _dn_to_id) ######
# Prior to bug 1782922 fix, 'openstack user list --group cloud --domain userdomain'
# returns nothing.
# After bug 1782922 fix, 'openstack user list --group cloud --domain userdomain'
# returns users. _dn_to_id() takes new else path, where 'ID' attribute is not in
# the DN, and LDAP search is performed to look it up from the user entry itself.
group_id_attribute = businessCategory
group_name_attribute = businessCategory
group_member_attribute = member
group_members_are_ids = False
group_objectclass = groupOfNames

group_tree_dn = ou=groups,dc=test,dc=com
#user_id_attribute = uidNumber
user_objectclass = inetOrgPerson
user_tree_dn = ou=users,dc=test,dc=com

###### Test scenario 2 (exercises if path in _dn_to_id) ######
# Configuration is same as above except user_id_attribute not specified.

# User supplied configuration flags
[identity]
driver = ldap

~  $  juju config keystone debug
false ~  $  juju config keystone debug=true
 ~  $  juju status
Model      Controller         Cloud/Region       Version  SLA          Timestamp
lp1850634  stsstack-stsstack  stsstack/stsstack  2.7-rc6  unsupported  16:20:57-03:00

App              Version  Status  Scale  Charm              Store       Rev  OS      Notes
keystone         13.0.2   active      1  keystone           jujucharms  472  ubuntu  
keystone-ldap    13.0.2   active      1  keystone-ldap      local         1  ubuntu  
ldap-server               active      1  ldap-test-fixture  local         1  ubuntu  
percona-cluster  5.7.20   active      1  percona-cluster    jujucharms  358  ubuntu

Unit                Workload  Agent      Machine  Public address  Ports     Message
keystone/1*         active    executing  3        10.5.0.20       5000/tcp  (config-changed) Unit is ready
  keystone-ldap/1*  active    idle                10.5.0.20                 Unit is ready
ldap-server/1*      active    idle       4        10.5.0.10                 Unit is ready
percona-cluster/1*  active    idle       5        10.5.0.26       3306/tcp  Unit is ready

Machine  State    DNS        Inst id                               Series  AZ    Message
3        started  10.5.0.20  9d85293c-b2db-4f99-b467-4f0665a0c8d7  bionic  nova  ACTIVE
4        started  10.5.0.10  1c376cce-4ce7-4612-b941-4fdfd9d717c5  bionic  nova  ACTIVE
5        started  10.5.0.26  a4ebf466-a708-497b-a5ac-cf7806e37fc6  bionic  nova  ACTIVE

~  $  juju status
Model      Controller         Cloud/Region       Version  SLA          Timestamp
lp1850634  stsstack-stsstack  stsstack/stsstack  2.7-rc6  unsupported  16:21:21-03:00

App              Version  Status       Scale  Charm              Store       Rev  OS      Notes
keystone         13.0.2   maintenance      1  keystone           jujucharms  472  ubuntu  
keystone-ldap    13.0.2   active           1  keystone-ldap      local         1  ubuntu  
ldap-server               active           1  ldap-test-fixture  local         1  ubuntu  
percona-cluster  5.7.20   active           1  percona-cluster    jujucharms  358  ubuntu

Unit                Workload     Agent      Machine  Public address  Ports     Message
keystone/1*         maintenance  executing  3        10.5.0.20       5000/tcp  (config-changed) Updating NRPE configuration
  keystone-ldap/1*  active       idle                10.5.0.20                 Unit is ready
ldap-server/1*      active       idle       4        10.5.0.10                 Unit is ready
percona-cluster/1*  active       idle       5        10.5.0.26       3306/tcp  Unit is ready

Machine  State    DNS        Inst id                               Series  AZ    Message
3        started  10.5.0.20  9d85293c-b2db-4f99-b467-4f0665a0c8d7  bionic  nova  ACTIVE
4        started  10.5.0.10  1c376cce-4ce7-4612-b941-4fdfd9d717c5  bionic  nova  ACTIVE
5        started  10.5.0.26  a4ebf466-a708-497b-a5ac-cf7806e37fc6  bionic  nova  ACTIVE

~  $  juju status
Model      Controller         Cloud/Region       Version  SLA          Timestamp
lp1850634  stsstack-stsstack  stsstack/stsstack  2.7-rc6  unsupported  16:29:33-03:00

App              Version  Status  Scale  Charm              Store       Rev  OS      Notes
keystone         13.0.2   active      1  keystone           jujucharms  472  ubuntu  
keystone-ldap    13.0.2   active      1  keystone-ldap      local         1  ubuntu  
ldap-server               active      1  ldap-test-fixture  local         1  ubuntu  
percona-cluster  5.7.20   active      1  percona-cluster    jujucharms  358  ubuntu

Unit                Workload  Agent  Machine  Public address  Ports     Message
keystone/1*         active    idle   3        10.5.0.20       5000/tcp  Unit is ready
  keystone-ldap/1*  active    idle            10.5.0.20                 Unit is ready
ldap-server/1*      active    idle   4        10.5.0.10                 Unit is ready
percona-cluster/1*  active    idle   5        10.5.0.26       3306/tcp  Unit is ready

Machine  State    DNS        Inst id                               Series  AZ    Message
3        started  10.5.0.20  9d85293c-b2db-4f99-b467-4f0665a0c8d7  bionic  nova  ACTIVE
4        started  10.5.0.10  1c376cce-4ce7-4612-b941-4fdfd9d717c5  bionic  nova  ACTIVE
5        started  10.5.0.26  a4ebf466-a708-497b-a5ac-cf7806e37fc6  bionic  nova  ACTIVE

root@juju-5d5897-lp1850634-3:/var/log/keystone# tail -f keystone.log 
  warnings.warn(msg)

(keystone.common.wsgi): 2020-01-13 20:01:44,018 WARNING Could not find domain: userdomain.
(keystone.common.wsgi): 2020-01-13 20:01:44,417 WARNING Could not find group: cloud.
(py.warnings): 2020-01-13 20:01:44,610 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_groups failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(py.warnings): 2020-01-13 20:01:44,851 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_users_in_group failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(keystone.common.wsgi): 2020-01-13 20:02:16,966 WARNING Could not find domain: userdomain.
(py.warnings): 2020-01-13 20:02:17,158 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_domains failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(keystone.common.wsgi): 2020-01-13 20:02:17,363 WARNING Could not find domain: userdomain.
(keystone.common.wsgi): 2020-01-13 20:02:17,769 WARNING Could not find group: cloud.
(py.warnings): 2020-01-13 20:02:17,953 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_groups failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(py.warnings): 2020-01-13 20:02:18,157 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_users_in_group failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(keystone.common.wsgi): 2020-01-13 20:02:24,974 WARNING Could not find domain: userdomain.
(py.warnings): 2020-01-13 20:02:25,456 WARNING /usr/lib/python2.7/dist-packages/oslo_policy/policy.py:865: UserWarning: Policy identity:list_users failed scope check. The token used to make the request was project scoped but the policy requires ['system'] scope. This behavior may change in the future where using the intended scope is required
  warnings.warn(msg)

(keystone.common.wsgi): 2020-01-13 20:02:27,632 WARNING Could not find domain: userdomain.
(keystone.common.wsgi): 2020-01-13 20:02:31,875 WARNING Could not find domain: userdomain.
(keystone.common.wsgi): 2020-01-13 20:02:32,268 WARNING Could not find domain: userdomain.
(keystone.common.wsgi): 2020-01-13 20:02:32,650 WARNING Could not find group: cloud.
^C
root@juju-5d5897-lp1850634-3:/var/log/keystone# vim /etc/apt/sources.list
root@juju-5d5897-lp1850634-3:/var/log/keystone# apt-get update
Get:1 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Hit:2 http://nova.clouds.archive.ubuntu.com/ubuntu bionic InRelease
Get:3 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed InRelease [242 kB]
Get:4 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [606 kB]          
Get:5 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:6 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]      
Get:7 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages [71.8 kB]
Get:8 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main Translation-en [33.3 kB]
Get:9 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/universe amd64 Packages [48.6 kB]
Get:10 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/universe Translation-en [25.0 kB]
Get:11 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/multiverse amd64 Packages [1316 B]
Get:12 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/multiverse Translation-en [568 B]
Get:13 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [830 kB]
Get:14 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [1036 kB]
Fetched 3146 kB in 1s (2156 kB/s)                          
Reading package lists... Done
root@juju-5d5897-lp1850634-3:/var/log/keystone# apt policy keystone
keystone:
  Installed: 2:13.0.2-0ubuntu1
  Candidate: 2:13.0.2-0ubuntu3
  Version table:
     2:13.0.2-0ubuntu3 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
 *** 2:13.0.2-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2:13.0.0-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
root@juju-5d5897-lp1850634-3:/var/log/keystone# apt upgrade 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
  grub-pc-bin libdumbnet1
Use 'apt autoremove' to remove them.
The following packages will be upgraded:
  apport cpp-7 g++-7 gcc-7 gcc-7-base gcc-8-base keystone libasan4 libatomic1 libcc1-0 libcilkrts5 libdrm-common libdrm2 libgcc-7-dev libgcc1 libgcrypt20 libglib2.0-0 libglib2.0-data libgomp1 libitm1 liblsan0 libmpx2 libquadmath0
  libstdc++-7-dev libstdc++6 libtsan0 libubsan0 login mdadm open-iscsi passwd python-keystone python3-apport python3-problem-report rsyslog uidmap
36 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 38.1 MB of archives.
After this operation, 4403 kB of additional disk space will be used.
Do you want to continue? [Y/n] 
Get:1 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 login amd64 1:4.5-1ubuntu2.1 [307 kB]
Get:2 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 open-iscsi amd64 2.0.874-5ubuntu2.9 [280 kB]
Get:3 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libtsan0 amd64 8.3.0-26ubuntu1~18.04 [288 kB]
Get:4 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 gcc-8-base amd64 8.3.0-26ubuntu1~18.04 [18.3 kB]
Get:5 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libstdc++6 amd64 8.3.0-26ubuntu1~18.04 [400 kB]
Get:6 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libquadmath0 amd64 8.3.0-26ubuntu1~18.04 [134 kB]
Get:7 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libmpx2 amd64 8.3.0-26ubuntu1~18.04 [11.6 kB]
Get:8 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 liblsan0 amd64 8.3.0-26ubuntu1~18.04 [133 kB]
Get:9 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libitm1 amd64 8.3.0-26ubuntu1~18.04 [27.9 kB]
Get:10 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libgomp1 amd64 8.3.0-26ubuntu1~18.04 [76.5 kB]
Get:11 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libcc1-0 amd64 8.3.0-26ubuntu1~18.04 [39.4 kB]
Get:12 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libatomic1 amd64 8.3.0-26ubuntu1~18.04 [9192 B]
Get:13 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libgcc1 amd64 1:8.3.0-26ubuntu1~18.04 [40.7 kB]
Get:14 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libgcrypt20 amd64 1.8.1-4ubuntu1.2 [417 kB]
Get:15 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 passwd amd64 1:4.5-1ubuntu2.1 [819 kB]
Get:16 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libglib2.0-0 amd64 2.56.4-0ubuntu0.18.04.5 [1170 kB]
Get:17 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libglib2.0-data all 2.56.4-0ubuntu0.18.04.5 [4692 B]
Get:18 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 rsyslog amd64 8.32.0-1ubuntu4.1 [412 kB]
Get:19 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libdrm-common all 2.4.99-1ubuntu1~18.04.1 [5264 B]
Get:20 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libdrm2 amd64 2.4.99-1ubuntu1~18.04.1 [31.7 kB]
Get:21 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 python3-problem-report all 2.20.9-0ubuntu7.10 [10.6 kB]
Get:22 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 python3-apport all 2.20.9-0ubuntu7.10 [81.8 kB]
Get:23 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 apport all 2.20.9-0ubuntu7.10 [124 kB]
Get:24 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libubsan0 amd64 7.5.0-3ubuntu1~18.04 [126 kB]
Get:25 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libasan4 amd64 7.5.0-3ubuntu1~18.04 [358 kB]
Get:26 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libcilkrts5 amd64 7.5.0-3ubuntu1~18.04 [42.5 kB]
Get:27 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 g++-7 amd64 7.5.0-3ubuntu1~18.04 [9697 kB]
Get:28 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 gcc-7 amd64 7.5.0-3ubuntu1~18.04 [9381 kB]
Get:29 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libstdc++-7-dev amd64 7.5.0-3ubuntu1~18.04 [1471 kB]
Get:30 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 libgcc-7-dev amd64 7.5.0-3ubuntu1~18.04 [2378 kB]
Get:31 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 cpp-7 amd64 7.5.0-3ubuntu1~18.04 [8591 kB]
Get:32 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 gcc-7-base amd64 7.5.0-3ubuntu1~18.04 [18.3 kB]
Get:33 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 mdadm amd64 4.1~rc1-3~ubuntu18.04.3 [417 kB]
Get:34 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 uidmap amd64 1:4.5-1ubuntu2.1 [65.6 kB]
Get:35 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 keystone all 2:13.0.2-0ubuntu3 [42.7 kB]
Get:36 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 python-keystone all 2:13.0.2-0ubuntu3 [663 kB]
Fetched 38.1 MB in 2s (20.0 MB/s)     
Extracting templates from packages: 100%
Preconfiguring packages ...
(Reading database ... 108224 files and directories currently installed.)
Preparing to unpack .../login_1%3a4.5-1ubuntu2.1_amd64.deb ...
Unpacking login (1:4.5-1ubuntu2.1) over (1:4.5-1ubuntu2) ...
Setting up login (1:4.5-1ubuntu2.1) ...
(Reading database ... 108224 files and directories currently installed.)
Preparing to unpack .../open-iscsi_2.0.874-5ubuntu2.9_amd64.deb ...
Unpacking open-iscsi (2.0.874-5ubuntu2.9) over (2.0.874-5ubuntu2.7) ...
Preparing to unpack .../libtsan0_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libtsan0:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../gcc-8-base_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking gcc-8-base:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Setting up gcc-8-base:amd64 (8.3.0-26ubuntu1~18.04) ...
(Reading database ... 108226 files and directories currently installed.)
Preparing to unpack .../libstdc++6_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libstdc++6:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Setting up libstdc++6:amd64 (8.3.0-26ubuntu1~18.04) ...
(Reading database ... 108226 files and directories currently installed.)
Preparing to unpack .../0-libquadmath0_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libquadmath0:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../1-libmpx2_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libmpx2:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../2-liblsan0_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking liblsan0:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../3-libitm1_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libitm1:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../4-libgomp1_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libgomp1:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../5-libcc1-0_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libcc1-0:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../6-libatomic1_8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libatomic1:amd64 (8.3.0-26ubuntu1~18.04) over (8.3.0-6ubuntu1~18.04.1) ...
Preparing to unpack .../7-libgcc1_1%3a8.3.0-26ubuntu1~18.04_amd64.deb ...
Unpacking libgcc1:amd64 (1:8.3.0-26ubuntu1~18.04) over (1:8.3.0-6ubuntu1~18.04.1) ...
Setting up libgcc1:amd64 (1:8.3.0-26ubuntu1~18.04) ...
(Reading database ... 108226 files and directories currently installed.)
Preparing to unpack .../libgcrypt20_1.8.1-4ubuntu1.2_amd64.deb ...
Unpacking libgcrypt20:amd64 (1.8.1-4ubuntu1.2) over (1.8.1-4ubuntu1.1) ...
Setting up libgcrypt20:amd64 (1.8.1-4ubuntu1.2) ...
(Reading database ... 108226 files and directories currently installed.)
Preparing to unpack .../passwd_1%3a4.5-1ubuntu2.1_amd64.deb ...
Unpacking passwd (1:4.5-1ubuntu2.1) over (1:4.5-1ubuntu2) ...
Setting up passwd (1:4.5-1ubuntu2.1) ...
(Reading database ... 108226 files and directories currently installed.)
Preparing to unpack .../00-libglib2.0-0_2.56.4-0ubuntu0.18.04.5_amd64.deb ...
Unpacking libglib2.0-0:amd64 (2.56.4-0ubuntu0.18.04.5) over (2.56.4-0ubuntu0.18.04.4) ...
Preparing to unpack .../01-libglib2.0-data_2.56.4-0ubuntu0.18.04.5_all.deb ...
Unpacking libglib2.0-data (2.56.4-0ubuntu0.18.04.5) over (2.56.4-0ubuntu0.18.04.4) ...
Preparing to unpack .../02-rsyslog_8.32.0-1ubuntu4.1_amd64.deb ...
Unpacking rsyslog (8.32.0-1ubuntu4.1) over (8.32.0-1ubuntu4) ...
Preparing to unpack .../03-libdrm-common_2.4.99-1ubuntu1~18.04.1_all.deb ...
Unpacking libdrm-common (2.4.99-1ubuntu1~18.04.1) over (2.4.97-1ubuntu1~18.04.1) ...
Preparing to unpack .../04-libdrm2_2.4.99-1ubuntu1~18.04.1_amd64.deb ...
Unpacking libdrm2:amd64 (2.4.99-1ubuntu1~18.04.1) over (2.4.97-1ubuntu1~18.04.1) ...
Preparing to unpack .../05-python3-problem-report_2.20.9-0ubuntu7.10_all.deb ...
Unpacking python3-problem-report (2.20.9-0ubuntu7.10) over (2.20.9-0ubuntu7.9) ...
Preparing to unpack .../06-python3-apport_2.20.9-0ubuntu7.10_all.deb ...
Unpacking python3-apport (2.20.9-0ubuntu7.10) over (2.20.9-0ubuntu7.9) ...
Preparing to unpack .../07-apport_2.20.9-0ubuntu7.10_all.deb ...
Unpacking apport (2.20.9-0ubuntu7.10) over (2.20.9-0ubuntu7.9) ...
Preparing to unpack .../08-libubsan0_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking libubsan0:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../09-libasan4_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking libasan4:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../10-libcilkrts5_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking libcilkrts5:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../11-g++-7_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking g++-7 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../12-gcc-7_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking gcc-7 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../13-libstdc++-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking libstdc++-7-dev:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../14-libgcc-7-dev_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking libgcc-7-dev:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../15-cpp-7_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking cpp-7 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../16-gcc-7-base_7.5.0-3ubuntu1~18.04_amd64.deb ...
Unpacking gcc-7-base:amd64 (7.5.0-3ubuntu1~18.04) over (7.4.0-1ubuntu1~18.04.1) ...
Preparing to unpack .../17-mdadm_4.1~rc1-3~ubuntu18.04.3_amd64.deb ...
Unpacking mdadm (4.1~rc1-3~ubuntu18.04.3) over (4.1~rc1-3~ubuntu18.04.2) ...
Preparing to unpack .../18-uidmap_1%3a4.5-1ubuntu2.1_amd64.deb ...
Unpacking uidmap (1:4.5-1ubuntu2.1) over (1:4.5-1ubuntu2) ...
Preparing to unpack .../19-keystone_2%3a13.0.2-0ubuntu3_all.deb ...
Unpacking keystone (2:13.0.2-0ubuntu3) over (2:13.0.2-0ubuntu1) ...
Preparing to unpack .../20-python-keystone_2%3a13.0.2-0ubuntu3_all.deb ...
Unpacking python-keystone (2:13.0.2-0ubuntu3) over (2:13.0.2-0ubuntu1) ...
Setting up libquadmath0:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up python-keystone (2:13.0.2-0ubuntu3) ...
Setting up libgomp1:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up libatomic1:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up libcc1-0:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up libtsan0:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up libglib2.0-0:amd64 (2.56.4-0ubuntu0.18.04.5) ...
No schema files found: doing nothing.
Setting up uidmap (1:4.5-1ubuntu2.1) ...
Setting up open-iscsi (2.0.874-5ubuntu2.9) ...
Setting up mdadm (4.1~rc1-3~ubuntu18.04.3) ...
update-initramfs: deferring update (trigger activated)
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/50-cloudimg-settings.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.15.0-74-generic
Found initrd image: /boot/initrd.img-4.15.0-74-generic
Found linux image: /boot/vmlinuz-4.15.0-70-generic
Found initrd image: /boot/initrd.img-4.15.0-70-generic
File descriptor 3 (pipe:[250058]) leaked on lvs invocation. Parent PID 21042: /bin/sh
done
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults
Setting up libdrm-common (2.4.99-1ubuntu1~18.04.1) ...
Setting up liblsan0:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up gcc-7-base:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up python3-problem-report (2.20.9-0ubuntu7.10) ...
Setting up keystone (2:13.0.2-0ubuntu3) ...
apache2_invoke keystone.conf: no action - site was disabled by local admin
Setting up libmpx2:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up libglib2.0-data (2.56.4-0ubuntu0.18.04.5) ...
Setting up libitm1:amd64 (8.3.0-26ubuntu1~18.04) ...
Setting up rsyslog (8.32.0-1ubuntu4.1) ...
Installing new version of config file /etc/apparmor.d/usr.sbin.rsyslogd ...
The user `syslog' is already a member of `adm'.
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Setting up libasan4:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up libcilkrts5:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up libubsan0:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up python3-apport (2.20.9-0ubuntu7.10) ...
Setting up libgcc-7-dev:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up cpp-7 (7.5.0-3ubuntu1~18.04) ...
Setting up libdrm2:amd64 (2.4.99-1ubuntu1~18.04.1) ...
Setting up libstdc++-7-dev:amd64 (7.5.0-3ubuntu1~18.04) ...
Setting up apport (2.20.9-0ubuntu7.10) ...
apport-autoreport.service is a disabled or a static unit, not starting it.
Setting up gcc-7 (7.5.0-3ubuntu1~18.04) ...
Setting up g++-7 (7.5.0-3ubuntu1~18.04) ...
Processing triggers for libc-bin (2.27-3ubuntu1) ...
Processing triggers for systemd (237-3ubuntu10.33) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for initramfs-tools (0.130ubuntu3.9) ...
update-initramfs: Generating /boot/initrd.img-4.15.0-74-generic
root@juju-5d5897-lp1850634-3:/var/log/keystone# systemctl restart apache2

~  $  openstack user list --domain userdomain
+------------------------------------------------------------------+----------+
| ID                                                               | Name     |
+------------------------------------------------------------------+----------+
| 6c54085114683984e628d5d8ea305840f17d30927bf4424975391db9ae0bf48e | Jane Doe |
| 1cf2bfb329d67343d6154b239131a68a4c4c4e4701db5540872de0d269e30765 | John Doe |
+------------------------------------------------------------------+----------+
 ~  $  openstack group list --domain userdomain
+------------------------------------------------------------------+-------+
| ID                                                               | Name  |
+------------------------------------------------------------------+-------+
| fe33dc32de168eeea2747035b4218df9f1134fd02864ea0eabc5853d9458dda5 | cloud |
+------------------------------------------------------------------+-------+
 ~  $  openstack user list --group cloud --domain userdomain
+------------------------------------------------------------------+----------+
| ID                                                               | Name     |
+------------------------------------------------------------------+----------+
| 1cf2bfb329d67343d6154b239131a68a4c4c4e4701db5540872de0d269e30765 | John Doe |
| 6c54085114683984e628d5d8ea305840f17d30927bf4424975391db9ae0bf48e | Jane Doe |
+------------------------------------------------------------------+----------+

tags:

added: verification-done-bionic
removed: verification-needed-bionic

Revision history for this message

Felipe Reyes (freyes) wrote on 2020-01-13:

#8

Download full text (16.2 KiB)

verified xenial-queens, no regressions detected, testing journal:

$ time tox -e func-smoke
func-smoke installed: DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support,amulet==1.21.0,aodhclient==1.5.0,appdirs==1.4.3,Babel==2.8.0,backports.os==0.1.1,blessings==1.6,bundletester==0.12.2,certifi==2019.11.28,cffi==1.13.2,chardet==3.0.4,charm-tools==2.7.2,charmhelpers==0.20.7,Cheetah3==3.2.4,cliff==2.18.0,cmd2==0.8.9,colander==1.7.0,configparser==4.0.2,contextlib2==0.6.0.post1,coverage==5.0.3,cryptography==2.8,debtcollector==1.22.0,decorator==4.4.1,dict2colander==0.2,distro==1.4.0,distro-info==0.0.0,dogpile.cache==0.9.0,entrypoints==0.3,enum34==1.1.6,extras==1.0.0,fasteners==0.15,fixtures==3.0.0,flake8==2.4.1,funcsigs==1.0.2,functools32==3.2.3.post2,future==0.18.2,futures==3.3.0,futurist==1.10.0,gnocchiclient==3.1.1,httplib2==0.15.0,idna==2.8,importlib-metadata==1.4.0,ipaddress==1.0.23,iso8601==0.1.12,Jinja2==2.10.3,jmespath==0.9.4,jsonpatch==1.24,jsonpointer==2.0,jsonschema==2.5.1,juju-deployer==0.11.0,juju-wait==2.5.0,jujubundlelib==0.5.6,jujuclient==0.54.0,keyring==18.0.1,keystoneauth1==3.18.0,launchpadlib==1.10.9,lazr.authentication==0.1.3,lazr.restfulclient==0.14.2,lazr.uri==1.0.3,libcharmstore==0.0.9,linecache2==1.0.0,macaroonbakery==1.2.3,MarkupSafe==1.1.1,mccabe==0.3.1,mock==3.0.5,monotonic==1.5,more-itertools==5.0.0,msgpack==0.6.2,munch==2.5.0,netaddr==0.7.19,netifaces==0.10.9,nose==1.3.7,oauth==1.0.1,oauthlib==3.1.0,openstacksdk==0.39.0,os-client-config==2.0.0,os-service-types==1.7.0,osc-lib==1.15.0,oslo.concurrency==3.31.0,oslo.config==7.0.0,oslo.context==2.23.0,oslo.i18n==3.25.1,oslo.log==3.45.2,oslo.serialization==2.29.2,oslo.utils==3.42.1,osprofiler==2.9.0,otherstuf==1.1.0,parse==1.14.0,path.py==11.5.2,pathlib2==2.3.5,pathspec==0.3.4,pbr==5.4.4,pep8==1.7.1,pika==0.13.1,pkg-resources==0.0.0,prettytable==0.7.2,protobuf==3.11.2,pycparser==2.19,pyflakes==0.8.1,pyinotify==0.9.6,pymacaroons==0.13.0,PyNaCl==1.3.0,pyOpenSSL==19.1.0,pyparsing==2.4.6,pyperclip==1.7.0,pyRFC3339==1.1,python-barbicanclient==4.9.0,python-ceilometerclient==2.9.0,python-cinderclient==4.3.0,python-dateutil==2.8.1,python-designateclient==3.0.0,python-glanceclient==2.17.0,python-heatclient==1.18.0,python-keystoneclient==3.22.0,python-manilaclient==1.29.0,python-mimeparse==1.6.0,python-neutronclient==6.14.0,python-novaclient==16.0.0,python-openstackclient==4.0.0,python-subunit==1.3.0,python-swiftclient==3.8.1,pytz==2019.3,pyudev==0.21.0,PyYAML==3.13,requests==2.22.0,requestsexceptions==1.4.0,rfc3986==1.3.2,ruamel.ordereddict==0.4.14,ruamel.yaml==0.15.100,scandir==1.10.0,SecretStorage==2.3.1,simplejson==3.17.0,six==1.13.0,stestr==2.6.0,stevedore==1.31.0,stuf==0.9.16,subprocess32==3.5.4,Tempita==0.5.2,testresources==2.0.1,testtools==2.3.0,theblues==0.5.2,traceback2==1.4.0,translationstring==1.3,unicodecsv==0.14.1,unittest2==1.1.0,urllib3==1.25.7,vergit==1.0.2,virtualenv==16.7.9,volu...

verified xenial-queens, no regressions detected, testing journal:

$  time tox -e func-smoke
func-smoke installed: DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support,amulet==1.21.0,aodhclient==1.5.0,appdirs==1.4.3,Babel==2.8.0,backports.os==0.1.1,blessings==1.6,bundletester==0.12.2,certifi==2019.11.28,cffi==1.13.2,chardet==3.0.4,charm-tools==2.7.2,charmhelpers==0.20.7,Cheetah3==3.2.4,cliff==2.18.0,cmd2==0.8.9,colander==1.7.0,configparser==4.0.2,contextlib2==0.6.0.post1,coverage==5.0.3,cryptography==2.8,debtcollector==1.22.0,decorator==4.4.1,dict2colander==0.2,distro==1.4.0,distro-info==0.0.0,dogpile.cache==0.9.0,entrypoints==0.3,enum34==1.1.6,extras==1.0.0,fasteners==0.15,fixtures==3.0.0,flake8==2.4.1,funcsigs==1.0.2,functools32==3.2.3.post2,future==0.18.2,futures==3.3.0,futurist==1.10.0,gnocchiclient==3.1.1,httplib2==0.15.0,idna==2.8,importlib-metadata==1.4.0,ipaddress==1.0.23,iso8601==0.1.12,Jinja2==2.10.3,jmespath==0.9.4,jsonpatch==1.24,jsonpointer==2.0,jsonschema==2.5.1,juju-deployer==0.11.0,juju-wait==2.5.0,jujubundlelib==0.5.6,jujuclient==0.54.0,keyring==18.0.1,keystoneauth1==3.18.0,launchpadlib==1.10.9,lazr.authentication==0.1.3,lazr.restfulclient==0.14.2,lazr.uri==1.0.3,libcharmstore==0.0.9,linecache2==1.0.0,macaroonbakery==1.2.3,MarkupSafe==1.1.1,mccabe==0.3.1,mock==3.0.5,monotonic==1.5,more-itertools==5.0.0,msgpack==0.6.2,munch==2.5.0,netaddr==0.7.19,netifaces==0.10.9,nose==1.3.7,oauth==1.0.1,oauthlib==3.1.0,openstacksdk==0.39.0,os-client-config==2.0.0,os-service-types==1.7.0,osc-lib==1.15.0,oslo.concurrency==3.31.0,oslo.config==7.0.0,oslo.context==2.23.0,oslo.i18n==3.25.1,oslo.log==3.45.2,oslo.serialization==2.29.2,oslo.utils==3.42.1,osprofiler==2.9.0,otherstuf==1.1.0,parse==1.14.0,path.py==11.5.2,pathlib2==2.3.5,pathspec==0.3.4,pbr==5.4.4,pep8==1.7.1,pika==0.13.1,pkg-resources==0.0.0,prettytable==0.7.2,protobuf==3.11.2,pycparser==2.19,pyflakes==0.8.1,pyinotify==0.9.6,pymacaroons==0.13.0,PyNaCl==1.3.0,pyOpenSSL==19.1.0,pyparsing==2.4.6,pyperclip==1.7.0,pyRFC3339==1.1,python-barbicanclient==4.9.0,python-ceilometerclient==2.9.0,python-cinderclient==4.3.0,python-dateutil==2.8.1,python-designateclient==3.0.0,python-glanceclient==2.17.0,python-heatclient==1.18.0,python-keystoneclient==3.22.0,python-manilaclient==1.29.0,python-mimeparse==1.6.0,python-neutronclient==6.14.0,python-novaclient==16.0.0,python-openstackclient==4.0.0,python-subunit==1.3.0,python-swiftclient==3.8.1,pytz==2019.3,pyudev==0.21.0,PyYAML==3.13,requests==2.22.0,requestsexceptions==1.4.0,rfc3986==1.3.2,ruamel.ordereddict==0.4.14,ruamel.yaml==0.15.100,scandir==1.10.0,SecretStorage==2.3.1,simplejson==3.17.0,six==1.13.0,stestr==2.6.0,stevedore==1.31.0,stuf==0.9.16,subprocess32==3.5.4,Tempita==0.5.2,testresources==2.0.1,testtools==2.3.0,theblues==0.5.2,traceback2==1.4.0,translationstring==1.3,unicodecsv==0.14.1,unittest2==1.1.0,urllib3==1.25.7,vergit==1.0.2,virtualenv==16.7.9,voluptuous==0.11.7,wadllib==1.3.3,warlock==1.3.3,wcwidth==0.1.8,WebOb==1.8.5,websocket-client==0.40.0,wrapt==1.11.2,wsgi-intercept==1.9.1,zipp==0.6.0,zope.interface==4.7.1
func-smoke run-test-pre: PYTHONHASHSEED='0'
func-smoke runtests: commands[0] | bundletester -vl DEBUG -r json -o func-results.json gate-basic-xenial-queens --no-destroy
DEBUG:bundletester.utils:Updating JUJU_MODEL: "" -> "stsstack-stsstack:admin/lp1850634"
DEBUG:root:Bootstrap environment: stsstack-stsstack:admin/lp1850634
DEBUG:deployer.env:Connecting to stsstack-stsstack:admin/lp1850634...
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/5758a1f7-8fb1-42a8-8df9-d19c6bec7804/api
DEBUG:deployer.env:Connected.
DEBUG:deployer.env: Terminating machines forcefully
INFO:deployer.env:  Waiting for machine termination
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/5758a1f7-8fb1-42a8-8df9-d19c6bec7804/api
DEBUG:root:Waiting for applications to be removed...
DEBUG:runner:call ['/home/freyes/Projects/charms/openstack/builds/keystone-ldap/.tox/func-smoke/bin/charm-proof'] (cwd: /tmp/bundletester-V3u4BE/keystone-ldap)
DEBUG:runner:I: `display-name` not provided, add for custom naming in the UI
DEBUG:runner:I: config.yaml: option ssl_key has no default value
DEBUG:runner:I: config.yaml: option ssl_cert has no default value
DEBUG:runner:I: config.yaml: option ldap-user has no default value
DEBUG:runner:I: config.yaml: option ldap-server has no default value
DEBUG:runner:I: config.yaml: option ssl_ca has no default value
DEBUG:runner:I: config.yaml: option ldap-password has no default value
DEBUG:runner:I: config.yaml: option domain-name has no default value
DEBUG:runner:I: config.yaml: option ldap-suffix has no default value
DEBUG:runner:I: config.yaml: option ldap-config-flags has no default value
DEBUG:runner:I: config.yaml: option tls-ca-ldap has no default value
DEBUG:runner:Exit Code: 0
DEBUG:deployer.env: Terminating machines forcefully
INFO:deployer.env:  Waiting for machine termination
DEBUG:jujuclient.connector:Connecting to wss://10.5.0.14:17070/model/5758a1f7-8fb1-42a8-8df9-d19c6bec7804/api
DEBUG:root:Waiting for applications to be removed...
DEBUG:runner:call ['/tmp/bundletester-V3u4BE/keystone-ldap/tests/gate-basic-xenial-queens'] (cwd: /tmp/bundletester-V3u4BE/keystone-ldap)
DEBUG:runner:2020-01-13 18:41:24,080 __init__ INFO: OpenStackAmuletDeployment:  init
DEBUG:runner:2020-01-13 18:41:24,080 _add_services INFO: OpenStackAmuletDeployment:  adding services
DEBUG:runner:2020-01-13 18:41:24,080 _determine_branch_locations INFO: OpenStackAmuletDeployment:  determine branch locations
DEBUG:runner:2020-01-13 18:41:27 Starting deployment of stsstack-stsstack:admin/lp1850634
DEBUG:runner:2020-01-13 18:41:29 Deploying applications...
DEBUG:runner:2020-01-13 18:41:29  Deploying application keystone using cs:~openstack-charmers-next/keystone-473
DEBUG:runner:2020-01-13 18:41:39  Deploying application keystone-ldap using /tmp/charmyxiNiN/xenial/keystone-ldap
DEBUG:runner:2020-01-13 18:44:09  Deploying application ldap-server using /tmp/charmokoKnX/xenial/charm-ldap-test-fixture
DEBUG:runner:2020-01-13 18:44:15  Deploying application percona-cluster using cs:~openstack-charmers-next/percona-cluster-358
DEBUG:runner:2020-01-13 18:44:28 Config specifies num units for subordinate: keystone-ldap
DEBUG:runner:2020-01-13 18:51:25 Adding relations...
DEBUG:runner:2020-01-13 18:51:25  Adding relation keystone:shared-db <-> percona-cluster:shared-db
DEBUG:runner:2020-01-13 18:51:26  Adding relation keystone:domain-backend <-> keystone-ldap:domain-backend
DEBUG:runner:2020-01-13 18:54:26 Deployment complete in 779.30 seconds
DEBUG:runner:2020-01-13 18:55:13,946 _configure_services INFO: OpenStackAmuletDeployment:  configure services
DEBUG:runner:2020-01-13 18:55:17,951 __init__ INFO: Waiting on extended status checks...
DEBUG:runner:2020-01-13 18:55:17,952 _auto_wait_for_status INFO: Waiting for extended status on units for 5400s...
DEBUG:runner:2020-01-13 18:55:17,952 _auto_wait_for_status DEBUG: Default extended status wait match:  contains READY (case-insensitive)
DEBUG:runner:2020-01-13 18:55:17,953 _auto_wait_for_status DEBUG: Excluding services from extended status match: ['mysql', 'mongodb']
DEBUG:runner:2020-01-13 18:55:17,954 _auto_wait_for_status DEBUG: Waiting up to 5400s for extended status on services: ['keystone-ldap', 'keystone', 'ldap-server', 'percona-cluster']
DEBUG:runner:2020-01-13 18:55:27,996 _auto_wait_for_status INFO: OK
DEBUG:runner:2020-01-13 18:56:33,309 get_default_keystone_session DEBUG: Authenticating keystone admin...
DEBUG:runner:Exit Code: 0
DEBUG:bundletester.utils:Updating JUJU_MODEL: "stsstack-stsstack:admin/lp1850634" -> ""
___________________________________________________________________________________________________________________ summary ___________________________________________________________________________________________________________________
  func-smoke: commands succeeded
  congratulations :)

real	15m25,243s
user	0m9,443s
sys	0m4,199s
 ~  $  juju ssh keystone/0 sudo su -
root@juju-ec7804-lp1850634-0:~# vim /etc/keystone/domains/keystone.userdomain.conf
root@juju-ec7804-lp1850634-0:~# systemctl restart keystone
Failed to restart keystone.service: Unit keystone.service is masked.
root@juju-ec7804-lp1850634-0:~# systemctl restart apache2
root@juju-ec7804-lp1850634-0:~# cat /etc/keystone/domains/keystone.userdomain.conf
[ldap]
url = ldap://10.5.0.11
user = cn=admin,dc=test,dc=com
password = crapper
suffix = dc=test,dc=com

user_allow_create = False
user_allow_update = False
user_allow_delete = False

group_allow_create = False
group_allow_update = False
group_allow_delete = False

# Upstream release note for more context:
# Fixed the problem where Keystone indiscriminately return the first RDN
# as the user ID, regardless whether it matches the configured
# 'user_id_attribute' or not. This will break deployments where
# 'group_members_are_ids' are set to False and 'user_id_attribute' is not
# in the DN. This patch will perform a lookup by DN if the first RND does
# not match the configured 'user_id_attribute'.

###### Test scenario 1 (exercises else path in _dn_to_id) ######
# Prior to bug 1782922 fix, 'openstack user list --group cloud --domain userdomain'
# returns nothing.
# After bug 1782922 fix, 'openstack user list --group cloud --domain userdomain'
# returns users. _dn_to_id() takes new else path, where 'ID' attribute is not in
# the DN, and LDAP search is performed to look it up from the user entry itself.
group_id_attribute = businessCategory
group_name_attribute = businessCategory
group_member_attribute = member
group_members_are_ids = False
group_objectclass = groupOfNames

group_tree_dn = ou=groups,dc=test,dc=com
#user_id_attribute = uidNumber
user_objectclass = inetOrgPerson
user_tree_dn = ou=users,dc=test,dc=com

###### Test scenario 2 (exercises if path in _dn_to_id) ######
# Configuration is same as above except user_id_attribute not specified.

# User supplied configuration flags
[identity]
driver = ldap

root@juju-ec7804-lp1850634-0:~# add-apt-repository cloud-archive:queens-proposed
 Ubuntu Cloud Archive for OpenStack Queens [proposed]
 More info: https://wiki.ubuntu.com/OpenStack/CloudArchive
Press [ENTER] to continue or ctrl-c to cancel adding it

Reading package lists...
Building dependency tree...
Reading state information...
ubuntu-cloud-keyring is already the newest version (2012.08.14).
0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.
root@juju-ec7804-lp1850634-0:~# apt-get update -qq
0root@juju-ec7804-lp1850634-0:~# apt policy keystone
keystone:
  Installed: 2:13.0.2-0ubuntu1~cloud0
  Candidate: 2:13.0.2-0ubuntu3~cloud0
  Version table:
     2:13.0.2-0ubuntu3~cloud0 500
        500 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-proposed/queens/main amd64 Packages
 *** 2:13.0.2-0ubuntu1~cloud0 500
        500 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/queens/main amd64 Packages
        100 /var/lib/dpkg/status
     2:9.3.0-0ubuntu3.2 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
     2:9.3.0-0ubuntu3.1 500
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
     2:9.0.0-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
root@juju-ec7804-lp1850634-0:~# apt-get upgrade -y -qq
(Reading database ... 98483 files and directories currently installed.)
Preparing to unpack .../dh-python_3.20180325ubuntu2~cloud1_all.deb ...
Unpacking dh-python (3.20180325ubuntu2~cloud1) over (2.20151103ubuntu1.2) ...
Preparing to unpack .../libhogweed4_3.4-1~cloud0_amd64.deb ...
Unpacking libhogweed4:amd64 (3.4-1~cloud0) over (3.2-1ubuntu0.16.04.1) ...
Preparing to unpack .../libnettle6_3.4-1~cloud0_amd64.deb ...
Unpacking libnettle6:amd64 (3.4-1~cloud0) over (3.2-1ubuntu0.16.04.1) ...
Preparing to unpack .../dnsmasq-base_2.79-1~cloud0_amd64.deb ...
Unpacking dnsmasq-base (2.79-1~cloud0) over (2.75-1ubuntu0.16.04.5) ...
Preparing to unpack .../libnuma1_2.0.11-2.1ubuntu0.1~cloud0_amd64.deb ...
Unpacking libnuma1:amd64 (2.0.11-2.1ubuntu0.1~cloud0) over (2.0.11-1ubuntu1.1) ...
Preparing to unpack .../python3-cffi-backend_1.11.5-1~cloud0_amd64.deb ...
Unpacking python3-cffi-backend (1.11.5-1~cloud0) over (1.5.2-1ubuntu1) ...
Preparing to unpack .../python3-chardet_3.0.4-1~cloud0_all.deb ...
Unpacking python3-chardet (3.0.4-1~cloud0) over (2.3.0-2) ...
Preparing to unpack .../python3-dnspython_1.15.0-1~cloud0_all.deb ...
Unpacking python3-dnspython (1.15.0-1~cloud0) over (1.12.0-0ubuntu3) ...
Preparing to unpack .../python3-idna_2.6-1~cloud0_all.deb ...
Unpacking python3-idna (2.6-1~cloud0) over (2.0-3) ...
Preparing to unpack .../keystone_2%3a13.0.2-0ubuntu3~cloud0_all.deb ...
Unpacking keystone (2:13.0.2-0ubuntu3~cloud0) over (2:13.0.2-0ubuntu1~cloud0) ...
Preparing to unpack .../python-keystone_2%3a13.0.2-0ubuntu3~cloud0_all.deb ...
Unpacking python-keystone (2:13.0.2-0ubuntu3~cloud0) over (2:13.0.2-0ubuntu1~cloud0) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for libc-bin (2.23-0ubuntu11) ...
Processing triggers for dbus (1.10.6-1ubuntu3.5) ...
Setting up dh-python (3.20180325ubuntu2~cloud1) ...
Setting up libnettle6:amd64 (3.4-1~cloud0) ...
Setting up libhogweed4:amd64 (3.4-1~cloud0) ...
Setting up dnsmasq-base (2.79-1~cloud0) ...
Setting up libnuma1:amd64 (2.0.11-2.1ubuntu0.1~cloud0) ...
Setting up python3-cffi-backend (1.11.5-1~cloud0) ...
Setting up python3-chardet (3.0.4-1~cloud0) ...
Setting up python3-dnspython (1.15.0-1~cloud0) ...
Setting up python3-idna (2.6-1~cloud0) ...
Setting up python-keystone (2:13.0.2-0ubuntu3~cloud0) ...
Setting up keystone (2:13.0.2-0ubuntu3~cloud0) ...
apache2_invoke keystone.conf: no action - site was disabled by maintainer
Processing triggers for libc-bin (2.23-0ubuntu11) ...
root@juju-ec7804-lp1850634-0:~# apt policy keystone
keystone:
  Installed: 2:13.0.2-0ubuntu3~cloud0
  Candidate: 2:13.0.2-0ubuntu3~cloud0
  Version table:
 *** 2:13.0.2-0ubuntu3~cloud0 500
        500 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-proposed/queens/main amd64 Packages
        100 /var/lib/dpkg/status
     2:13.0.2-0ubuntu1~cloud0 500
        500 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/queens/main amd64 Packages
     2:9.3.0-0ubuntu3.2 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
     2:9.3.0-0ubuntu3.1 500
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
     2:9.0.0-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
root@juju-ec7804-lp1850634-0:~# systemctl restart apache2

~  $  source ~/Projects/charms/openstack/openstack-charm-testing/novarcv3_project 
 ~  $  openstack user list --domain userdomain
+------------------------------------------------------------------+----------+
| ID                                                               | Name     |
+------------------------------------------------------------------+----------+
| 37a490a14a5201a644c695ed35a7e355e7eead80914a51cd406479214b20c357 | Jane Doe |
| 2a82add35294eef417cc36f1aa1d6eea00fb66553fff720b4751c4410577d91c | John Doe |
+------------------------------------------------------------------+----------+
 ~  $  openstack group list --domain userdomain
+------------------------------------------------------------------+-------+
| ID                                                               | Name  |
+------------------------------------------------------------------+-------+
| c21e634e4bcb086cceed8c2bfdfdc4237729f6181d85ba52203f892d041b9ec8 | cloud |
+------------------------------------------------------------------+-------+
 ~  $  openstack user list --group cloud --domain userdomain
+------------------------------------------------------------------+----------+
| ID                                                               | Name     |
+------------------------------------------------------------------+----------+
| 2a82add35294eef417cc36f1aa1d6eea00fb66553fff720b4751c4410577d91c | John Doe |
| 37a490a14a5201a644c695ed35a7e355e7eead80914a51cd406479214b20c357 | Jane Doe |
+------------------------------------------------------------------+----------+

tags:	added: verification-queens-done removed: verification-queens-needed
tags:	added: verification-done removed: verification-needed

Revision history for this message

Chris Halse Rogers (raof) wrote on 2020-01-15: Update Released

#9

The verification of the Stable Release Update for keystone has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-01-15:

#10

This bug was fixed in the package keystone - 2:13.0.2-0ubuntu3

---------------
keystone (2:13.0.2-0ubuntu3) bionic; urgency=medium

* d/p/0002-fixing-dn-to-id.patch: Dropped. This patch shouldn't have
been backported to stable/queens (LP: #1850634).

-- Corey Bryant <email address hidden> Wed, 30 Oct 2019 08:55:58 -0400

Changed in keystone (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2020-01-15:

#11

The verification of the Stable Release Update for keystone has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Corey Bryant (corey.bryant) wrote on 2020-01-15:

#12

This bug was fixed in the package keystone - 2:13.0.2-0ubuntu3~cloud0
---------------

keystone (2:13.0.2-0ubuntu3~cloud0) xenial-queens; urgency=medium
.
   * New update for the Ubuntu Cloud Archive.
.
keystone (2:13.0.2-0ubuntu3) bionic; urgency=medium
.
   * d/p/0002-fixing-dn-to-id.patch: Dropped. This patch shouldn't have
     been backported to stable/queens (LP: #1850634).

OpenStack Identity (keystone)

queens regresion: _dn_to_id() not using utf8_encode/decode

Bug Description

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to	Milestone
OpenStack Identity (keystone)	Triaged	Low	Corey Bryant	OpenStack Identity (keystone) ussuri-1
Ubuntu Cloud Archive	Invalid	Undecided	Unassigned
Queens	Fix Released	High	Corey Bryant
keystone (Ubuntu)	Invalid	Undecided	Unassigned
Bionic	Fix Released	High	Corey Bryant