tripleo

nova with cebh rbd backend and tls-e fail the deployment by default

Bug #1928554 reported by Michele Baldessari
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Undecided
Unassigned

Bug Description

I get this in the nova libvirt container:
2021-05-15 14:44:05.508 6 WARNING nova.virt.libvirt.driver [-] Running Nova with a libvirt version less than 7.0.0 is deprecated. The required minimum version of libvirt will be raised to 7.0.0 in the next release.
2021-05-15 14:44:05.509 6 WARNING nova.virt.libvirt.driver [-] Running Nova with a QEMU version less than 5.2.0 is deprecated. The required minimum version of QEMU will be raised to 5.2.0 in the next release.
2021-05-15 14:44:05.509 6 ERROR oslo_service.service [-] Error starting thread.: nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'.
2021-05-15 14:44:05.509 6 ERROR oslo_service.service Traceback (most recent call last):
2021-05-15 14:44:05.509 6 ERROR oslo_service.service File "/usr/lib/python3.6/site-packages/oslo_service/service.py", line 807, in run_service
2021-05-15 14:44:05.509 6 ERROR oslo_service.service service.start()
2021-05-15 14:44:05.509 6 ERROR oslo_service.service File "/usr/lib/python3.6/site-packages/nova/service.py", line 159, in start
2021-05-15 14:44:05.509 6 ERROR oslo_service.service self.manager.init_host()
2021-05-15 14:44:05.509 6 ERROR oslo_service.service File "/usr/lib/python3.6/site-packages/nova/compute/manager.py", line 1410, in init_host
2021-05-15 14:44:05.509 6 ERROR oslo_service.service self.driver.init_host(host=self.host)
2021-05-15 14:44:05.509 6 ERROR oslo_service.service File "/usr/lib/python3.6/site-packages/nova/virt/libvirt/driver.py", line 768, in init_host
2021-05-15 14:44:05.509 6 ERROR oslo_service.service raise exception.Invalid(msg)
2021-05-15 14:44:05.509 6 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'.

/etc/puppet/hieradata/service_configs.json: "nova::migration::libvirt::live_migration_with_native_tls": true,

/etc/puppet/hieradata/service_configs.json: "nova::migration::libvirt::live_migration_tunnelled": true,

For now I worked around it just to get a successful deployment with the following:
  ExtraConfig:
    nova::migration::libvirt::live_migration_tunnelled: false

OpenStack Infra (hudson-openstack)
Changed in tripleo:
status: New → In Progress
Revision history for this message
Michele Baldessari (michele) wrote :

https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791034

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791587

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791588

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791591

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791592

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791034
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/3a472cbbe844dd7e15e4889e5f02845461413169
Submitter: "Zuul (22348)"
Branch: master

commit 3a472cbbe844dd7e15e4889e5f02845461413169
Author: Martin Schuppert <email address hidden>
Date: Wed May 12 19:45:22 2021 +0200

    Disable tunneled mode when use_tls_for_live_migration

    With recent version of libvirt, nova-compute don't come up
    correct when tls-everywhere (use_tls_for_live_migration)
    is set. The enable_live_migration_tunnelled condition
    did not consider tls-livemigration and got disabled.
    Nova-compute fails to start with:

    2021-05-12 12:49:09.278 7 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'._

    This change enhance the enable_live_migration_tunnelled
    condition to not configure tunnelled mode when
    use_tls_for_live_migration is true.

    Closes-Bug: #1928554
    Related-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1959808

    Change-Id: I1a6f5d3a98d185415b772fa6a94d6f4329dc59a0

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791588
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/86de3c350141e1e05e5d77a742fc7c3dbb8a574c
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit 86de3c350141e1e05e5d77a742fc7c3dbb8a574c
Author: Martin Schuppert <email address hidden>
Date: Wed May 12 19:45:22 2021 +0200

    Disable tunneled mode when use_tls_for_live_migration

    With recent version of libvirt, nova-compute don't come up
    correct when tls-everywhere (use_tls_for_live_migration)
    is set. The enable_live_migration_tunnelled condition
    did not consider tls-livemigration and got disabled.
    Nova-compute fails to start with:

    2021-05-12 12:49:09.278 7 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'._

    This change enhance the enable_live_migration_tunnelled
    condition to not configure tunnelled mode when
    use_tls_for_live_migration is true.

    Conflicts:
      - deployment/nova/nova-compute-container-puppet.yaml

    NOTE(dvd):
    - 91837d4fa7325e909b5f5a655336015688edb47c Add new parameters to configure nova-compute direct rbd image download
    - addcee106e2f0de09f785dbfde57d1185404c39c Add ability to configure glance multiple cinder stores

    Closes-Bug: #1928554
    Related-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1959808

    Change-Id: I1a6f5d3a98d185415b772fa6a94d6f4329dc59a0
    (cherry picked from commit 3a472cbbe844dd7e15e4889e5f02845461413169)
    (cherry picked from commit 4b1da5cd5ba440241351e52b627cde0477e93057)

tags: added: in-stable-victoria
tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791587
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/4b1da5cd5ba440241351e52b627cde0477e93057
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit 4b1da5cd5ba440241351e52b627cde0477e93057
Author: Martin Schuppert <email address hidden>
Date: Wed May 12 19:45:22 2021 +0200

    Disable tunneled mode when use_tls_for_live_migration

    With recent version of libvirt, nova-compute don't come up
    correct when tls-everywhere (use_tls_for_live_migration)
    is set. The enable_live_migration_tunnelled condition
    did not consider tls-livemigration and got disabled.
    Nova-compute fails to start with:

    2021-05-12 12:49:09.278 7 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'._

    This change enhance the enable_live_migration_tunnelled
    condition to not configure tunnelled mode when
    use_tls_for_live_migration is true.

    Closes-Bug: #1928554
    Related-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1959808

    Change-Id: I1a6f5d3a98d185415b772fa6a94d6f4329dc59a0
    (cherry picked from commit 3a472cbbe844dd7e15e4889e5f02845461413169)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 14.1.1

This issue was fixed in the openstack/tripleo-heat-templates 14.1.1 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791591
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/0e8be55089ed96b8d594bba487d8ad61be93d3cc
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit 0e8be55089ed96b8d594bba487d8ad61be93d3cc
Author: Martin Schuppert <email address hidden>
Date: Wed May 12 19:45:22 2021 +0200

    Disable tunneled mode when use_tls_for_live_migration

    With recent version of libvirt, nova-compute don't come up
    correct when tls-everywhere (use_tls_for_live_migration)
    is set. The enable_live_migration_tunnelled condition
    did not consider tls-livemigration and got disabled.
    Nova-compute fails to start with:

    2021-05-12 12:49:09.278 7 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'._

    This change enhance the enable_live_migration_tunnelled
    condition to not configure tunnelled mode when
    use_tls_for_live_migration is true.

    Conflicts:
      - deployment/nova/nova-compute-container-puppet.yaml

    NOTE(dvd):
    - 91837d4fa7325e909b5f5a655336015688edb47c Add new parameters to configure nova-compute direct rbd image download
    - addcee106e2f0de09f785dbfde57d1185404c39c Add ability to configure glance multiple cinder stores

    Closes-Bug: #1928554
    Related-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1959808

    Change-Id: I1a6f5d3a98d185415b772fa6a94d6f4329dc59a0
    (cherry picked from commit 3a472cbbe844dd7e15e4889e5f02845461413169)
    (cherry picked from commit 4b1da5cd5ba440241351e52b627cde0477e93057)
    (cherry picked from commit 86de3c350141e1e05e5d77a742fc7c3dbb8a574c)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/train)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791592
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/af8576222f2404b9542b5b04e86ebd0b960e452c
Submitter: "Zuul (22348)"
Branch: stable/train

commit af8576222f2404b9542b5b04e86ebd0b960e452c
Author: Martin Schuppert <email address hidden>
Date: Wed May 12 19:45:22 2021 +0200

    Disable tunneled mode when use_tls_for_live_migration

    With recent version of libvirt, nova-compute don't come up
    correct when tls-everywhere (use_tls_for_live_migration)
    is set. The enable_live_migration_tunnelled condition
    did not consider tls-livemigration and got disabled.
    Nova-compute fails to start with:

    2021-05-12 12:49:09.278 7 ERROR oslo_service.service nova.exception.Invalid: Setting both 'live_migration_tunnelled' and 'live_migration_with_native_tls' at the same time is invalid. If you have the relevant libvirt and QEMU versions, and TLS configured in your environment, pick 'live_migration_with_native_tls'._

    This change enhance the enable_live_migration_tunnelled
    condition to not configure tunnelled mode when
    use_tls_for_live_migration is true.

    Closes-Bug: #1928554
    Related-bug: https://bugzilla.redhat.com/show_bug.cgi?id=1959808

    Change-Id: I1a6f5d3a98d185415b772fa6a94d6f4329dc59a0
    (cherry picked from commit 3a472cbbe844dd7e15e4889e5f02845461413169)
    (cherry picked from commit 4b1da5cd5ba440241351e52b627cde0477e93057)
    (cherry picked from commit 86de3c350141e1e05e5d77a742fc7c3dbb8a574c)
    (cherry picked from commit 0e8be55089ed96b8d594bba487d8ad61be93d3cc)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 13.3.0

This issue was fixed in the openstack/tripleo-heat-templates 13.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 11.6.0

This issue was fixed in the openstack/tripleo-heat-templates 11.6.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 12.4.4

This issue was fixed in the openstack/tripleo-heat-templates 12.4.4 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 15.0.0

This issue was fixed in the openstack/tripleo-heat-templates 15.0.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.