Ceph OSD units requires reboot if they boot before vault (and if not unsealed with 150s)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ceph OSD Charm |
Invalid
|
Undecided
|
Unassigned | ||
Ubuntu Cloud Archive |
Fix Released
|
Undecided
|
Unassigned | ||
Queens |
Fix Released
|
Undecided
|
Unassigned | ||
Rocky |
Fix Released
|
Undecided
|
Unassigned | ||
Stein |
Fix Released
|
Undecided
|
Unassigned | ||
Train |
Fix Released
|
Undecided
|
Unassigned | ||
Ussuri |
Fix Released
|
Undecided
|
Unassigned | ||
ceph (Ubuntu) |
Fix Released
|
High
|
dongdong tao | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Disco |
Won't Fix
|
Undecided
|
Unassigned | ||
Eoan |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
High
|
dongdong tao |
Bug Description
[Impact]
Various configuration option values that are read from environment variables are incorrectly parsed as strings rather than ints which means that for certain deployment use-cases, the timeouts for starting the ceph-osd volume units cannot be increased to accommodate dependencies starting first.
[Test Case]
Deploy ceph with vault for key management
set a systemd override for ceph-volume@
Environment=
Seal vault units (by restarting the vault service)
Reboot ceph-osd machines - Environment override is ignored as its not correctly parsed.
[Regression Potential]
Low - this fix has been accept upstream in later releases.
[Original Bug Report]
In a scenario where Ceph is encrypted and using Vault as the keymanager, in a scenario where vault and ceph are both stopped, any OSDs on the unit(s) affected will require a further reboot if they try to start before vault is unsealed.
Changed in charm-ceph-osd: | |
assignee: | nobody → James Page (james-page) |
status: | Triaged → In Progress |
tags: | added: canonical-bootstack |
Changed in charm-ceph-osd: | |
status: | In Progress → Triaged |
Changed in charm-ceph-osd: | |
milestone: | 19.04 → 19.07 |
Changed in charm-ceph-osd: | |
milestone: | 19.07 → 19.10 |
tags: | added: sts |
Changed in charm-ceph-osd: | |
milestone: | 19.10 → 20.01 |
tags: | added: cold-start |
Changed in charm-ceph-osd: | |
assignee: | James Page (james-page) → nobody |
Changed in charm-ceph-osd: | |
assignee: | nobody → dongdong tao (taodd) |
Changed in ceph (Ubuntu Focal): | |
status: | New → Fix Released |
Changed in ceph (Ubuntu Disco): | |
status: | New → Won't Fix |
description: | updated |
Changed in ceph (Ubuntu Eoan): | |
status: | Fix Committed → Fix Released |
tags: |
added: verification-done-bionic verification-rocky-done verification-stein-done removed: verification-needed-bionic verification-rocky-needed verification-stein-needed |
That's definitely a bug - the systemd unit should spin until vault is unsealed, and then retrieve the keys and unlock the disks.