It took me a while, but I checked with the new version of nova on new
devstack env and it looks like it is working. Also, I'm not sure if the
fixed_key was matching in a first place, but I can't check now.
All in all, it is working and a bug can be closed.
** Changed in: nova
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1645767
Title:
nova evacuate fails when encrypted volume is connected to instance
Status in OpenStack Compute (nova):
Invalid
Bug description:
Description
===========
If instance has encrypted volume connected to it and mounted during the host
failure, 'nova evacuate' would result in instance entering the error state.
Steps to reproduce
==================
1. Boot a VM
a) nova boot --image 2c60a713-bbba-4696-adff-c80a12cab7d8 --flavor 42 --nic
net-id=eb6c7f6b-100f-41bb-9c5d-11975a2cdba6 --availability-zone nova:compute1
test
b) nova floating-ip-associate test 192.168.57.50
2. Create an encrypted volume
a) cinder type-create LUKS
b) cinder encryption-type-create --cipher aes-xts-plain64 --key_size 512 \
--control_location front-end LUKS nova.volume.encryptors.luks.LuksEncryptor
c) openstack volume create --size 1 --type
58931c06-1431-45cf-9b4c-4e998594447d test-volume
3. Attach the volume to instance
a) openstack server add volume test d06b7b7c-641d-4086-a3b1-4eee898b5c2a
4. SSH to instance, create file system on volume and mount it
a) ssh [email protected]
b) sudo mkfs.ext3 /dev/vdb
c) sudo mount /dev/vdb /mnt
d) sudo touch /mtn/test
5. Kill the compute node (In my case it was powering of the compute1)
6. Try to evacuate instance using `nova evacuate`
Expected result
===============
Instance rebuilded on another host, with volume attached to it.
Actual result
=============
Instance entered the error state. Output from `nova show test`:
Unexpected error while running command.
Command: sudo nova-rootwrap /etc/nova/rootwrap.conf cryptsetup luksOpen
--key-file=- /dev/sdc
crypt-ip-192.168.57.2:3260-iscsi-iqn.2010-10.org.openstack:volume-d06b7b7c-641d-4086-a3b1-4eee898b5c2a-lun-1
Exit code: 2", "code": 500, "details": " File
\"/opt/stack/nova/nova/compute/manager.py\", line 204, in decorated_function
return function(self, context, *args, **kwargs)
File \"/opt/stack/nova/nova/compute/manager.py\", line 2703, in
rebuild_instance
bdms, recreate, on_shared_storage, preserve_ephemeral)
File \"/opt/stack/nova/nova/compute/manager.py\", line 2747, in
_do_rebuild_instance_with_claim
self._do_rebuild_instance(*args, **kwargs)
File \"/opt/stack/nova/nova/compute/manager.py\", line 2862, in
_do_rebuild_instance
self._rebuild_default_impl(**kwargs)
File \"/opt/stack/nova/nova/compute/manager.py\", line 2626, in
_rebuild_default_impl
block_device_info=new_block_device_info)
File \"/opt/stack/nova/nova/virt/libvirt/driver.py\", line 2622, in spawn
post_xml_callback=gen_confdrive)
File \"/opt/stack/nova/nova/virt/libvirt/driver.py\", line 4845, in
_create_domain_and_network
encryptor.attach_volume(context, **encryption)
File \"/opt/stack/nova/nova/volume/encryptors/luks.py\", line 102, in
attach_volume
self._open_volume(passphrase, **kwargs)
File \"/opt/stack/nova/nova/volume/encryptors/luks.py\", line 86, in
_open_volume
run_as_root=True, check_exit_code=True)
File \"/opt/stack/nova/nova/utils.py\", line 295, in execute
return RootwrapProcessHelper().execute(*cmd, **kwargs)
File \"/opt/stack/nova/nova/utils.py\", line 178, in execute
return processutils.execute(*cmd, **kwargs)
File
\"/usr/local/lib/python2.7/dist-packages/oslo_concurrency/processutils.py\",
line 394, in execute
cmd=sanitized_cmd)
Environment
===========
* Multinode devstack on VMs running Ubuntu 16.04
* Networking: Neutron with OVS
* Cinder backend - LVM
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1645767/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
