live migration with encrypted volume fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Lee Yarwood |
Bug Description
When live migrating an instance with an encrypted volume it fails to detach the encrypted volume from the source and attaches at the target as an unencrypted volume.
I do see the encrypted volume connector on the source but not on the target
ls -l /dev/disk/by-path
total 0
lrwxrwxrwx 1 root root 121 Oct 13 10:26 ip-192.
lrwxrwxrwx 1 root root 9 Oct 13 10:36 ip-192.
Target
ls -l /dev/disk/by-path
total 0
lrwxrwxrwx 1 root root 9 Oct 13 10:48 ip-192.
lrwxrwxrwx 1 root root 9 Oct 13 10:48 ip-192.
The instance can still access encrypted volume, but the data disappears when you umount/mount the device so I guess it looked ok at first due to filesystem caching
The live migration fails in post migrate on the source due to an error trying to detach the encrypted volume (see bug https:/
Subsequent attempts to detach the volume from the instance (after manually updating it to say it is on the target and active, see https:/
tags: | added: live-migration |
Changed in nova: | |
assignee: | Paul Carlton (paul-carlton2) → Lee Yarwood (lyarwood) |
I assume this is reproducible in devstack with the LVM/iSCSI cinder backend but could you just confirm?
Also as discussed on irc I'd be interested in seeing the connection_info captured on the destination host by a call to os-initialize_ connection prior to connect_volume being called. Did it include the encrypted flag?