Ceph OSD Charm

add-disk action does not pass encryption type to osdize

Bug #1780920 reported by James Page on 2018-07-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ceph OSD Charm	Fix Released	Critical	James Page	Ceph OSD Charm 18.08

Bug Description

The add-disk action only passes the flag to indicate encryption, and not the key management approach, when adding osd devices.

The command will succeed, but keys are stored in ceph, and not in vaultlocker.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-07-10: Fix proposed to charm-ceph-osd (stable/18.05)

Fix proposed to branch: stable/18.05
Review: https://review.openstack.org/581257

James Page (james-page) on 2018-07-10

Changed in charm-ceph-osd:
status:	New → In Progress
assignee:	nobody → James Page (james-page)
importance:	Undecided → Critical
milestone:	none → 18.08

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-07-10: Fix merged to charm-ceph-osd (master)

Reviewed: https://review.openstack.org/581250
Committed: https://git.openstack.org/cgit/openstack/charm-ceph-osd/commit/?id=6c27240761862ebceac05b979b36b2b713ca1b90
Submitter: Zuul
Branch: master

commit 6c27240761862ebceac05b979b36b2b713ca1b90
Author: James Page <email address hidden>
Date: Tue Jul 10 09:28:40 2018 +0100

add-disk: Ensure key-manager config is passed to osdize

    Recent changes to support vault for key management require that
    the 'osd-encrypt-keymanager' is passed to all osdize calls so
    that the correct key management approach is taken.

    Ensure that the add-disk action does the same, otherwise keys
    will always be stored in the ceph mon KV store, rather than
    in Vault.

Closes-Bug: 1780920

Change-Id: I8c722d38d68f13dc00c7444a50d67ce37fbd6a29

Changed in charm-ceph-osd:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-07-10: Fix merged to charm-ceph-osd (stable/18.05)

Reviewed: https://review.openstack.org/581257
Committed: https://git.openstack.org/cgit/openstack/charm-ceph-osd/commit/?id=1c32fc8e9c573a89226c1b4dcae91ce76d12f846
Submitter: Zuul
Branch: stable/18.05

commit 1c32fc8e9c573a89226c1b4dcae91ce76d12f846
Author: James Page <email address hidden>
Date: Tue Jul 10 09:28:40 2018 +0100

add-disk: Ensure key-manager config is passed to osdize

    Recent changes to support vault for key management require that
    the 'osd-encrypt-keymanager' is passed to all osdize calls so
    that the correct key management approach is taken.

    Ensure that the add-disk action does the same, otherwise keys
    will always be stored in the ceph mon KV store, rather than
    in Vault.

Closes-Bug: 1780920

Change-Id: I8c722d38d68f13dc00c7444a50d67ce37fbd6a29
(cherry picked from commit 6c27240761862ebceac05b979b36b2b713ca1b90)

James Page (james-page) on 2018-07-23

Changed in charm-ceph-osd:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.