Mounting of ceph-backed cinder volumes is broken after Ocata upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Expired
|
Undecided
|
Unassigned |
Bug Description
Environment: multi-node greenfield OSA Newton deploy, upgraded to Ocata (via documented manual upgrade process).
After the Ocata upgrade, I could not launch volume-backed instances or attach cinder volumes to instances. This could ultimately be a cinder or nova bug, but starting here because we may need to implement a workaround regardless.
For context, this was changed in Ocata (per release notes):
> When making connections to Ceph-backed volumes via the Libvirt driver, the auth values
> (rbd_user, rbd_secret_uuid) are now pulled from the backing cinder.conf rather than
> nova.conf. The nova.conf values are only used if set and the cinder.conf values are not
> set, but this fallback support is considered accidental and will be removed in the Nova
> 16.0.0 Pike release.
When i try to launch an RBD volume-backed instance, this happens (fuller log output at http://
```
a401-24a53056415c] File "/openstack/
2017-06-13 13:01:21.823 55184 ERROR nova.compute.
...
2017-06-13 13:01:21.823 55184 ERROR nova.compute.
```
Basically, self.auth_
netdisk_properties:
{u'secret_type': u'ceph', u'name': u'volumes/
It appears that Cinder isn't providing Nova with a secret_uuid. cinder.conf supports an `rbd_secret_uuid` in the `[rbd]` section, but this was not set in cinder.conf in any of the Cinder containers. I tried setting this in the cinder volume containers, restarted those containers, made no difference.
As a workaround, I modified /openstack/
```
def _set_auth_
# Relevant comment trimmed for length
if auth_enabled:
# Comment out the following line and insert the subsequent line
# conf.auth_
```
Has anyone else encountered this issue?
I'm guessing one of these is happening, in decreasing order of likelihood:
1. OSA isn't configuring Cinder sufficiently enough so that it will pass the secret_uuid to Nova when a volume is mounted
2. Cinder has a bug, where secret_uuid is not sent to Nova during volume mount process
3. Nova has a bug, receives secret_uuid but doesn't parse or process it correctly
Thank you!
Changed in openstack-ansible: | |
assignee: | nobody → Logan V (loganv) |
Changed in openstack-ansible: | |
assignee: | Logan V (loganv) → Jesse Pretorius (jesse-pretorius) |
Changed in openstack-ansible: | |
status: | New → Incomplete |
I experience the same error with Newton and Ocata. For Newton I know the issue occurred since tag 14.2.3.
https:/ /docs.openstack .org/releasenot es/openstack- ansible/ newton. html#id5 Here the changelog of 14.2.3 wich has the same Ceph change as you mentioned in Ocata (Removed dependency for cinder_ backends_ rbd_inuse in nova.conf).
Currently testing on a new deploy of Ocata tag 15.2.5 and as you said the cinder.conf does not contain `rbd_secret_uuid`, when I provided this information everything worked again so it was not required for me to change the net.py file. So thanks for that workaround.