trust invalid when user is disabled

Bug #1752433 reported by Ricardo Rocha
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Status tracked in Rocky
In Progress
Sayali Lunkad

Bug Description

Magnum clusters rely on trusts to authenticate with OpenStack services. This is created at cluster time, and belongs to the user that launched the cluster.

When that user is disabled or the account is deleted, the trust is no longer valid and the cluster becomes unhealthy as it cannot talk to OpenStack any longer. Magnum relies on it for different operations.

As project trusts (or app credentials) are not possible:
( see )

one option is to add a magnum command to renew the trust, setting it to the user issuing that command.

Revision history for this message
Spyros Trigazis (strigazi) wrote :

This change will also solve the heat trustor when this bug is fixed in heat.

Changed in magnum:
assignee: nobody → Sayali Lunkad (sayalilunkad)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to magnum (master)

Fix proposed to branch: master

Changed in magnum:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on magnum (master)

Change abandoned by Spyros Trigazis (<email address hidden>) on branch: master
Reason: The magnum team is cleaning up the backlog of changes older than 30 days. Feel to restore your patch.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.