<div dir="ltr">Hey,<br><br>You mention that you're not using any external authentication like IPA. But you have novajoin enabled:<br><b>enable_novajoin = true<br></b><br>Set that to false and re-run the undercloud install. Novajoin is used for TLS-Everywhere and requires that you have a IPA server setup and some prerequisites before running the undercloud install:<br><a href="https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/tls-everywhere.html#tls-everywhere-with-novajoin">https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/tls-everywhere.html#tls-everywhere-with-novajoin</a><br><br>So if that isn't your intention, you will want to disable it.<br><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div>
<p style="font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:capitalize;font-family:"RedHatText",sans-serif">
<span>Brendan</span> <span>Shephard</span><span style="color:rgb(170,170,170);margin:0px"></span>
</p>
<p style="font-weight:normal;font-size:12px;margin:0px;text-transform:capitalize;font-family:"RedHatText",sans-serif">
<span>Software Engineer</span>
</p>
<p style="font-weight:normal;margin:0px 0px 4px;font-size:12px;font-family:"RedHatText",sans-serif">
<a style="color:rgb(0,136,206);font-size:12px;margin:0px;text-decoration:none;font-family:"RedHatText",sans-serif" href="https://www.redhat.com" target="_blank">Red Hat <span>APAC</span></a>
</p>
<div style="margin-bottom:4px">
<span>
<p style="font-size:12px;margin:0px;font-family:"RedHatText",sans-serif">193 N Quay</p>
</span>
<span>
<p style="font-size:12px;margin:0px;font-family:"RedHatText",sans-serif">Brisbane City QLD 4000</p>
</span>
</div>
<div style="font-weight:normal;font-size:12px;font-family:"RedHatText",sans-serif;margin-bottom:8px">
<div>
<a href="https://twitter.com/redhat" title="twitter" style="background:transparent url("https://marketing-outfit-prod-images.s3-us-west-2.amazonaws.com/3780bd4ede961ef3cd4108b8c0e80186/web-icon-twitter.png") no-repeat scroll 0px 50%/13px auto;text-decoration:none;color:rgb(0,0,0);display:inline-block;line-height:20px;padding-left:13px" target="_blank">
<span style="margin-left:2px">@RedHat</span>
</a>
<a href="https://www.linkedin.com/company/red-hat" title="LinkedIn" style="background:transparent url("https://marketing-outfit-prod-images.s3-us-west-2.amazonaws.com/8d3507e3c6b6c9ad10e301accf1a4af0/web-icon-linkedin.png") no-repeat scroll 0px 50%/12px auto;text-decoration:none;color:rgb(0,0,0);display:inline-block;line-height:20px;padding-left:12px;margin:0px 4px 0px 3px;padding-top:1px" target="_blank">
<span style="margin-left:4px">Red Hat</span>
</a>
<a href="https://www.facebook.com/RedHatInc" title="Facebook" style="background:transparent url("https://marketing-outfit-prod-images.s3-us-west-2.amazonaws.com/220b85e2f100025e94cb1bcd993bd51d/web-icon-facebook.png") no-repeat scroll 0px 50%/11px auto;text-decoration:none;color:rgb(0,0,0);display:inline-block;line-height:20px;padding-left:13px" target="_blank">
<span>Red Hat</span>
</a>
</div>
</div>
<div style="margin-top:12px">
<table border="0">
<tbody><tr>
<td width="100px"><a href="https://red.ht/sig" target="_blank"> <img src="https://static.redhat.com/libs/redhat/brand-assets/latest/corp/logo.png" width="90" height="auto"></a> </td>
<td style="font-weight:normal;font-size:12px">
<div><a href="https://redhat.com/summit" style="text-decoration:none" target="_blank"><img style="outline:currentcolor none 0px" src="https://static.redhat.com/libs/redhat/brand-assets/latest/events/red-hat-summit.png" width="53px" height="auto"></a></div>
</td>
</tr>
</tbody></table>
</div>
</div><span></span></div></div></div></div></div></div></div></div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Aug 6, 2021 at 12:38 AM wodel youchi <<a href="mailto:wodel.youchi@gmail.com">wodel.youchi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hi,</div><div>I am trying to install the undercloud using the Train version on CentOS 8 Stream.</div><div>I am using container-tools 3.0</div><div><br></div><div>I have installed : <br></div><div><b>yum install -y python3-tripleoclient ceph-ansible </b><br></div><div><br></div><div>And I am not using any external authentication (no IPA)</div><div>I am getting this error message upon deployment <br></div><div><br></div><div><span style="color:rgb(255,0,0)"><b>2021-08-05 15:03:01.753102 | 525400e8-92c8-feee-3618-0000000005f1 | FATAL | Request kerberos keytab | udtrain | error={"changed": true, "cmd": "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s $(grep xmlrpc_uri /etc/ipa/default.conf | cut -d/ -f3) -p nova/<a href="http://udtrain.example.com" target="_blank">udtrain.example.com</a> -k /etc/novajoin/krb5.keytab", "delta": "0:00:00.060011", "end": "2021-08-05 15:03:01.737378", "msg": "non-zero return code", "rc": 1, "start": "2021-08-05 15:03:01.677367", "stderr": "kinit: Cannot determine realm for host (principal host/udtrain.example.com@)", "stderr_lines": ["kinit: Cannot determine realm for host (principal host/udtrain.example.com@)"], "stdout": "", "stdout_lines": []}</b></span></div><div><br></div><div>This is my undercloud.conf file :</div><div><b>[DEFAULT]<br>clean_nodes = true<br>container_cli = podman<br>container_images_file = /home/stack/containers-prepare-parameter.yaml<br>custom_env_files = /home/stack/templates/custom-undercloud-params.yaml<br>deployment_user = stack<br>enable_novajoin = true<br>inspection_interface = br-ctlplane<br>ipxe_enabled = true<br>local_interface = enp2s0<br>local_ip = <a href="http://10.200.4.1/24" target="_blank">10.200.4.1/24</a><br>local_subnet = ctlplane-subnet<br>overcloud_domain_name = <a href="http://example.com" target="_blank">example.com</a><br>subnets = ctlplane-subnet<br>undercloud_admin_host = 10.200.4.3<br>undercloud_hostname = <a href="http://udtrain.example.com" target="_blank">udtrain.example.com</a><br>undercloud_nameservers = 172.16.0.252,9.9.9.9,8.8.8.8<br>undercloud_ntp_servers = 172.16.0.252,<a href="http://0.pool.ntp.org" target="_blank">0.pool.ntp.org</a>,<a href="http://1.pool.ntp.org" target="_blank">1.pool.ntp.org</a>,<a href="http://2.pool.ntp.org" target="_blank">2.pool.ntp.org</a>,<a href="http://3.pool.ntp.org" target="_blank">3.pool.ntp.org</a><br>undercloud_public_host = 10.200.4.2<br>[ctlplane-subnet]<br>cidr = <a href="http://10.200.4.0/24" target="_blank">10.200.4.0/24</a><br>dhcp_end = 10.200.4.24<br>dhcp_start = 10.200.4.5<br>gateway = 10.200.4.1<br>inspection_iprange = 10.200.4.100,10.200.4.120<br>masquerade = true</b></div><div><br></div><div>any idea?<br></div><div><br></div><div>Regards.<br></div></div><div id="gmail-m_7883942851865380958DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>
<table style="border-top:1px solid rgb(211,212,222)">
<tbody><tr>
<td style="width:55px;padding-top:13px"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank"><img src="https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" alt="" width="46" height="29" style="width: 46px; height: 29px;"></a></td>
<td style="width:470px;padding-top:12px;color:rgb(65,66,78);font-size:13px;font-family:Arial,Helvetica,sans-serif;line-height:18px">Virus-free. <a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" style="color:rgb(68,83,234)" target="_blank">www.avast.com</a>
</td>
</tr>
</tbody></table><a href="#m_7883942851865380958_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"></a></div>
_______________________________________________<br>
users mailing list<br>
<a href="mailto:users@lists.rdoproject.org" target="_blank">users@lists.rdoproject.org</a><br>
<a href="http://lists.rdoproject.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.rdoproject.org/mailman/listinfo/users</a><br>
<br>
To unsubscribe: <a href="mailto:users-unsubscribe@lists.rdoproject.org" target="_blank">users-unsubscribe@lists.rdoproject.org</a><br>
</blockquote></div>