-
Bug
-
Resolution: Unresolved
-
Critical
-
rhos-18.0.17 FR 5
-
None
-
3
-
False
-
-
False
-
?
-
rhos-ops-platform-services-pidone
-
None
-
-
-
-
Critical
To Reproduce Steps to reproduce the behavior:
- deploy controlplane
- delete rabbitmqcluster (not rabbitmq)
- verify that "oc get secret rabbitmq-default-user -n openstack -o jsonpath='{.data.default_user\.conf}' | base64 -d " output is different from "rabbitmqctl list_users"
[zuul@localhost ~]$ oc delete rabbitmqcluster.rabbitmq.com/rabbitmq rabbitmqcluster.rabbitmq.com "rabbitmq" deleted [zuul@localhost ~]$ oc get secret rabbitmq-default-user -n openstack -o jsonpath='{.data.default_user\.conf}' | base64 -d default_user = default_user_1pXRuVQQEEcDnCUXW1j default_pass = Kq3bwP01lbXFpZNFyhqO2QyfPdzyjRCN [zuul@localhost ~]$ oc rsh rabbitmq-server-0 rabbitmqctl list_users Defaulted container "rabbitmq" out of: rabbitmq, setup-container (init) Listing users ... user tags default_user__bf82SFFfuJw1bqPSKO [administrator]
Expected behavior
- default user should be in sync
There are a number of issues:
1. we don't block the deletion of rabbitmqcluster (rabbitmq cr should set a finalizer on the rabbitmqcluster cr)
2. mnesia storage is not wiped automatically when cluster is recreated, so potentially can have stale data
3. deleting rabbitmqcluster directly triggers creation of a new user ignoring the existing rabbitmq-default-user secret that was created by infra-operator when rabbitmq cr is created.
4. one more issue is that this breaks the rabbitmquser and vhosts, as they access to the rabbitmq management api will be broken b/c of the wrong user/pwd.
