Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-10935

Unable to override default barbican configuration

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • rhos-18.0.4
    • None
    • barbican-operator
    • None
    • 2
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • No Docs Impact
    • ?
    • ?
    • None
    • Hide
      .Custom configuration support for Barbican services

      Before this update, there was an issue in `common_types.go`, preventing the `customServiceConfig` field in the Barbican custom resource definition (CRD) from being applied correctly.
      With this update, the problem has been resolved, allowing custom configuration to be correctly generated and applied.
      Show
      .Custom configuration support for Barbican services Before this update, there was an issue in `common_types.go`, preventing the `customServiceConfig` field in the Barbican custom resource definition (CRD) from being applied correctly. With this update, the problem has been resolved, allowing custom configuration to be correctly generated and applied.
    • Bug Fix
    • Done
    • DFG Security: UC Sprint 104, DFG Security: UC Sprint 105
    • Moderate

      Describe your problem. Include specific actions and error messages.
      Hi,

      We're not able to apply a configuration setting on barbican configuration in our RHOSO 18 beta deployment even if it seems supported in the OpenstackControlPlane CRD.

      Here a sample of the barbican section:

      barbican:
      apiOverride:
      route: {}
      enabled: true
      template:

      1. NOK
        nodeSelector:
        workload-type: stateless
        barbicanAPI:
        customServiceConfig: |
        [DEFAULT]
        max_allowed_secret_in_bytes = 1048576
        override:
        service:
        internal:
        metadata:
        annotations:
        metallb.universe.tf/address-pool: internalapi
        metallb.universe.tf/allow-shared-ip: internalapi
        metallb.universe.tf/loadBalancerIPs: 171.69.249.100
        spec:
        type: LoadBalancer
        replicas: 1
        nodeSelector:
        workload-type: stateless
        barbicanKeystoneListener:
        replicas: 3
        nodeSelector:
        workload-type: stateless
        barbicanWorker:
        replicas: 3
        nodeSelector:
        workload-type: stateless
        databaseInstance: openstack
        secret: osp-secret
        passwordSelectors:
        database: BarbicanDatabasePassword
        service: BarbicanPassword
        databaseUser: 'barbican'
        rabbitMqClusterName: 'rabbitmq'
        serviceUser: barbican

      The parameter we wish to override is:
      [DEFAULT]
      max_allowed_secret_in_bytes = 1048576

      I'm preparing a must-gather export in the meantinme.

      Regards,

      Describe the impact to you or the business
      Functionnal octavia/barbican tests on RHOSO18 beta are stopped.

      In what environment are you experiencing this behavior?
      LAB (non-prod).

      How frequently does this behavior occur? Does it occur repeatedly or at certain times?
      Always

              rh-ee-vfisarov Veronika Fisarova
              rhn-support-dhill Dave Hill
              rhos-dfg-security
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: