charms: nova/cinder/ceph rbd integration broken on Ocata
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Charm Guide |
Fix Released
|
High
|
James Page | ||
OpenStack Cinder Charm |
Invalid
|
Critical
|
Liam Young | ||
OpenStack Cinder-Ceph charm |
Fix Released
|
Critical
|
James Page | ||
OpenStack Nova Compute Charm |
Fix Released
|
Critical
|
James Page |
Bug Description
https:/
As a result, its not possible to attach ceph block devices in instances in a charm deployed Ocata; the secret_uuid configuration is not populated in the cinder configuration file, and in any case the username on the compute units won't match the username for ceph being used on the cinder units (as compute and cinder units get different keys created) so I don't think the key created on the compute units will actually work with the username provided from cinder.
I'm not 100% convinced this is a great change in behaviour; the cinder and nova keys have much the same permissions for correct operation (rwx on images, volumes and vms groups) however it does mean that the nova-compute units have to have the same keys as the cinder units. A key disclosure/
Changed in charm-cinder-ceph: | |
importance: | Undecided → Critical |
Changed in charm-nova-compute: | |
importance: | Undecided → Critical |
Changed in charm-cinder-ceph: | |
status: | New → Triaged |
Changed in charm-nova-compute: | |
status: | New → Triaged |
summary: |
- nova/cinder/ceph rbd integration broken on Ocata + charms: nova/cinder/ceph rbd integration broken on Ocata |
description: | updated |
Changed in charm-cinder-ceph: | |
assignee: | nobody → James Page (james-page) |
Changed in charm-nova-compute: | |
assignee: | nobody → James Page (james-page) |
Changed in charm-cinder-ceph: | |
status: | Triaged → In Progress |
Changed in charm-nova-compute: | |
status: | Triaged → In Progress |
Changed in charm-guide: | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → James Page (james-page) |
milestone: | none → 17.05 |
Changed in charm-cinder-ceph: | |
status: | Fix Committed → Fix Released |
Changed in charm-nova-compute: | |
status: | Fix Committed → Fix Released |
no longer affects: | nova |
Changed in charm-cinder: | |
status: | New → Won't Fix |
Changed in charm-cinder: | |
status: | Won't Fix → Confirmed |
importance: | Undecided → Critical |
assignee: | nobody → David Ames (thedac) |
milestone: | none → 19.04 |
tags: | added: canonical-bootstack |
Changed in charm-cinder: | |
assignee: | nobody → Liam Young (gnuoy) |
As a quick fix I've tried adding the uuid for the nova-compute created secret to cinder (this is a global constant for the charms):
<disk type="network" device="disk"> ceph/volume- bdff2036- c0da-438d- aa95-d882d408df 92"> "cinder- ceph"> 8cbe-11e2- 9c52-3bc8c78194 72"/> bdff2036- c0da-438d- aa95-d882d408df 92</serial>
<driver name="qemu" type="raw" cache="none"/>
<source protocol="rbd" name="cinder-
<host name="10.5.25.226" port="6789"/>
<host name="10.5.25.227" port="6789"/>
<host name="10.5.25.229" port="6789"/>
</source>
<auth username=
<secret type="ceph" uuid="514c9fca-
</auth>
<target bus="virtio" dev="vdb"/>
<serial>
</disk>
results in the correct XML, however the username mismatches with the keys so the attach fails.