Later ceph releases (and charms) do support native ceph block device
encryption.
** Changed in: charm-ceph-osd
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Tags added: cpe-onsite
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To manage notifications about this bug go to:
** Changed in: ceph (Ubuntu Artful)
Status: Triaged => Fix Released
** Changed in: ceph (Ubuntu Bionic)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
James,
I've already raised one a few months ago
http://tracker.ceph.com/issues/20555 - seems like we have gone through
identical investigations.
I can confirm that I had success with pre-zapping via wipefs and not
passing zap to ceph-disk as well (documented in 20555).
--
You received this bug
Pre-zapping the block device and not passing --zap-disk works around the
issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To
Raised a new issue upstream:
http://tracker.ceph.com/issues/21879
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To manage
Upstream bugref:
http://tracker.ceph.com/issues/16451
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To manage notifications
Looks like the issue is here:
https://github.com/ceph/ceph/blob/luminous/src/ceph-
disk/ceph_disk/main.py#L2085
the lockbox is prepared first; and then the main data prepare tries to
re-zap the disk, but /dev/5 is already mounted by the first
step.
** Changed in: ceph (Ubuntu)
Status:
I think the keying permissions are OK now; however ceph-disk tries to
double zap the block device resulting in:
2017-10-20 16:07:45 INFO juju-log mon:1: osdize cmd: ['ceph-disk', 'prepare',
'--dmcrypt', '--fs-type', u'xfs', '--zap-disk', '--filestore', u'/dev/vdb']
2017-10-20 16:07:46 DEBUG
(access is scoped to a specific path prefix for keys which is good).
** Changed in: ceph (Ubuntu)
Status: Triaged => Fix Released
** Changed in: ceph (Ubuntu)
Assignee: Chris Holcombe (xfactor973) => (unassigned)
** Changed in: ceph (Juju Charms Collection)
Assignee: Chris
OK so as of Luminous release it would appear that the default bootstrap-
osd key profile gets permissions to store/retrive dm-crypt keys from the
ceph-mon cluster:
https://github.com/ceph/ceph/commit/88ce18da901b7e9aad621d22839fd28de0af9c51
--
You received this bug notification because you are
** Changed in: charm-ceph
Importance: Undecided => High
** Changed in: charm-ceph
Status: New => Triaged
** Changed in: charm-ceph
Assignee: (unassigned) => Chris Holcombe (xfactor973)
** Changed in: ceph (Juju Charms Collection)
Status: Triaged => Invalid
** Changed in:
This is a target for v10.2.6 which will be up for release next.
** Changed in: ceph (Juju Charms Collection)
Milestone: 17.01 => None
** Changed in: ceph-osd (Juju Charms Collection)
Milestone: 17.01 => None
--
You received this bug notification because you are a member of Ubuntu
Bugs,
** Changed in: ceph-osd (Juju Charms Collection)
Status: Confirmed => Triaged
** Changed in: ceph (Juju Charms Collection)
Status: Confirmed => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: ceph (Ubuntu)
Status: New => Triaged
** Changed in: ceph (Ubuntu)
Importance: Undecided => High
** Changed in: ceph (Ubuntu)
Assignee: (unassigned) => Chris Holcombe (xfactor973)
** Also affects: ceph (Ubuntu Xenial)
Importance: Undecided
Status: New
**
** Changed in: ceph-osd (Juju Charms Collection)
Milestone: 16.10 => 17.01
** Changed in: ceph (Juju Charms Collection)
Milestone: 16.10 => 17.01
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Related, pasting from #openstack-meeting discussion today for reference:
https://github.com/ceph/ceph/pull/10382 and
http://tracker.ceph.com/issues/17421
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: ceph-osd (Juju Charms Collection)
Milestone: 16.07 => 16.10
** Changed in: ceph (Juju Charms Collection)
Milestone: 16.07 => 16.10
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Upstream tracker: http://tracker.ceph.com/issues/16755
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To manage notifications
** Also affects: ceph (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1604501
Title:
ceph-osd fails to initialize when encrypt is enabled
To
20 matches
Mail list logo
