Barbican, encrypted volume cannot be deleted
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Undecided
|
John Griffith |
Bug Description
If the cloud admin defines a encryption_api_url without the keymanager version, eg:
encryption_api_url = http://
Then they will be able to create encrypted volumes, but they won't be able to delete them. The attempt to delete will result in the following stack trace in the cinder-api log:
2015-10-01 13:06:59.668 ERROR cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 TRACE cinder.
2015-10-01 13:06:59.668 ERROR cinder.
<head>
<title>404 Not Found</title>
</head>
<body>
<h1>404 Not Found</h1>
The resource could not be found.<br /><br />
</body>
</html>
The problem is evident a few lines earlier in the log:
2015-10-01 13:06:59.664 DEBUG keystoneclient.
The url in this request is incorrect, because it is missing the version,
http://
Should be:
http://
The commands to reproduce this:
$ cinder create --volume-type LUKS 1
+------
| Property | Value |
+------
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2015-10-
| description | None |
| encrypted | True |
| id | ada451a5-
| metadata | {} |
| migration_status | None |
| multiattach | False |
| name | None |
| os-vol-
| os-vol-
| os-vol-
| os-vol-
| os-volume-
| os-volume-
| replication_status | disabled |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| user_id | d8b320d13b954db
| volume_type | LUKS |
+------
$
$ cinder delete ada451a5-
Delete for volume ada451a5-
ERROR: Unable to delete any of the specified volumes.
Cinder conf:
[keymgr]
api_class = cinder.
encryption_api_url = http://
Changed in cinder: | |
assignee: | Ollie Leahy (oliver-leahy-l) → John Griffith (john-griffith) |
Changed in cinder: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/230031
Review: https:/