In an environment with TLSe setup with tripleo-ipa, Compute node replacement procedure fails to remove compute node

Solution Unverified - Updated

Environment

Red Hat OpenStack Platform 16.1

Issue

Why does the tripleo_ipa_cleanup task fail with the the error: "sudo: unable to open /run/sudo/ts/mistral: Permission denied\nsudo: a password is required\n"?

Resolution

The bug for this is was patched as part of this Errata
https://access.redhat.com/errata/RHEA-2020:4284
This content is not included.https://bugzilla.redhat.com/show_bug.cgi?id=1866562

Before this patch , you could not scale down or delete compute nodes if Red Hat OpenStack Platform is deployed with TLS-e using tripleo-ipa.

Before the templates were patched a workaround was to change the value of the delegate_to key of the scale down tasks from localhost to undercloud in the ipaservices-baremetal-ansible.yaml heat template in the /usr/share/openstack-tripleo-heat-templates/deployment/ipa directory.

Root Cause

The cleanup role, traditionally delegated to the undercloud as localhost, is now being invoked from the mistral container.

Product(s)

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.