Comment 7 for bug 1893847

I confirm that this is *NOT* related to totally-unsecure-auto-unlock, I encounter that bug very frequently (and randomly) on many charms even with a proper manual vault unsealing.

In my deployment, I have these charms in HA mode with hacluster (3 nodes each in lxd containers spread on 3 different bare metal machines) :

- ceilometer (rev.278) ==> never
- ceph-radosgw (rev. 291) ==> sometimes
- cinder (rev. 306) ==> never
- glance (rev. 301) ==> sometimes
- gnocchi (rev. 42) ==> never
- heat (rev. 279) ==> very often
- keystone (rev. 319) ==> never
- masakari (rev. 4) ==> never
- neutron-api (rev. 290) ==> very often
- nova-cloud-controller (rev. 350) ==> very often
- openstack-dashboard (rev. 309) ==> very often
- placement (rev. 15) ==> very often
- vault (rev. 41) ==> never

Hacluster is rev. 72.

You can find next to their name the frequency of failures with certificates ... they are not behaving the same from one charm to another ... some never fails, some others have failures at nearly every deployments, sometimes only 1 unit, sometimes, all of them.

Just some comments, I don't know if that help in any way, I'm available for more testing if needed.