Back to bug 2211691
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat One Jira (issues.redhat.com) | 2023-06-01 14:07:28 UTC | Link ID | Red Hat Issue Tracker OSP-25548 | |
| Julia Kreger | 2023-06-01 14:09:00 UTC | Target Release | --- | 17.1 |
| Priority | unspecified | urgent | ||
| Target Milestone | --- | ga | ||
| Assignee | rhos-maint | jkreger | ||
| Link ID | OpenStack gerrit 883501 | |||
| Keywords | Triaged | |||
| RHEL Program Management | 2023-06-01 14:09:08 UTC | Target Release | 17.1 | --- |
| Julia Kreger | 2023-06-01 14:09:55 UTC | Target Release | --- | 17.1 |
| Link ID | Launchpad.net 2004555 | |||
| Julia Kreger | 2023-06-01 14:10:08 UTC | Link ID | OpenStack gerrit 883501 | |
| RHEL Program Management | 2023-06-01 14:10:17 UTC | Target Release | 17.1 | --- |
| Julia Kreger | 2023-06-01 14:10:47 UTC | Target Release | --- | 17.1 |
| Link ID | OpenStack gerrit 883581 | |||
| Julia Kreger | 2023-06-01 14:11:01 UTC | Status | NEW | ON_DEV |
| RHEL Program Management | 2023-06-01 14:21:09 UTC | Target Release | 17.1 | --- |
| Julia Kreger | 2023-06-01 15:17:49 UTC | Doc Text | Cause: The changes to Cinder, the Block Storage service, as a result of CVE-2023-2088, broke Ironic's ability to detach a volume attached to a physical bare metal node, which is required as part of the tear down of physical machines with instances deployed upon them. Consequence: Before the fix, the baremetal node could be deployed, but the volume attachment data would not update while the node was in a running state, nor could the bare metal node be torn down. Fix: The Ironic service needed to be updated to include support to explicitly request a "service" role token to make the detachment request work as required. Result: With the fix, a deployed physical machine can be properly turned down and returned to the available physical machine pool to be deployed again. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Julia Kreger | 2023-06-02 13:50:34 UTC | Doc Text | Cause: The changes to Cinder, the Block Storage service, as a result of CVE-2023-2088, broke Ironic's ability to detach a volume attached to a physical bare metal node, which is required as part of the tear down of physical machines with instances deployed upon them. Consequence: Before the fix, the baremetal node could be deployed, but the volume attachment data would not update while the node was in a running state, nor could the bare metal node be torn down. Fix: The Ironic service needed to be updated to include support to explicitly request a "service" role token to make the detachment request work as required. Result: With the fix, a deployed physical machine can be properly turned down and returned to the available physical machine pool to be deployed again. | Cause: The changes to Cinder, the Block Storage service, as a result of CVE-2023-2088, broke Ironic's ability to detach a volume attached to a physical bare metal node, which is required as part of the tear down of physical machines with instances deployed upon them. Consequence: Baremetal instances can be deployed using Nova and Boot From Volume, however they cannot be torn down automatically. This is because Cinder, the Storage Service, blocks the detachment request as a result of fixes related to CVE-2023-2088. Workaround (if any): None. Result: This issue is anticipated to be fixed in the GA release. |
| Doc Type | Bug Fix | Known Issue | ||
| Jenny-Anne Lynch | 2023-06-06 11:42:44 UTC | CC | jelynch | |
| Flags | needinfo?(jkreger) | |||
| Doc Text | Cause: The changes to Cinder, the Block Storage service, as a result of CVE-2023-2088, broke Ironic's ability to detach a volume attached to a physical bare metal node, which is required as part of the tear down of physical machines with instances deployed upon them. Consequence: Baremetal instances can be deployed using Nova and Boot From Volume, however they cannot be torn down automatically. This is because Cinder, the Storage Service, blocks the detachment request as a result of fixes related to CVE-2023-2088. Workaround (if any): None. Result: This issue is anticipated to be fixed in the GA release. | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with instances deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the Boot from Volume functionality. However, you cannot automatically tear down instances. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | ||
| Julia Kreger | 2023-06-06 13:18:37 UTC | Flags | needinfo?(jkreger) | |
| Doc Text | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with instances deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the Boot from Volume functionality. However, you cannot automatically tear down instances. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the Boot from Volume functionality. However, you cannot automatically tear down instances utilizing Boot From Cinder Volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | ||
| Jenny-Anne Lynch | 2023-06-06 14:05:57 UTC | Doc Text | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the Boot from Volume functionality. However, you cannot automatically tear down instances utilizing Boot From Cinder Volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal Provisioning service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the boot from volume functionality. However, you cannot automatically tear down instances by using boot from Block Storage service volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. |
| Paul Grist | 2023-06-06 22:43:30 UTC | CC | pgrist | |
| Mike Burns | 2023-06-07 12:41:03 UTC | CC | mburns | |
| RHEL Program Management | 2023-06-07 12:41:13 UTC | Target Release | --- | 17.1 |
| Jenny-Anne Lynch | 2023-06-15 15:50:52 UTC | Doc Text | There is currently a known issue where changes to the Block Storage service (cinder), related to CVE-2023-2088, impact the ability of the Bare Metal Provisioning service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the boot from volume functionality. However, you cannot automatically tear down instances by using boot from Block Storage service volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | There is currently a known issue where changes to the Block Storage service (cinder), related to link:https://access.redhat.com/security/cve/CVE-2023-2088[CVE-2023-2088], impact the ability of the Bare Metal Provisioning service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the boot from volume functionality. However, you cannot automatically tear down instances by using boot from Block Storage service volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. |
| Lon Hohberger | 2023-06-20 20:12:04 UTC | Fixed In Version | openstack-ironic-17.1.1-1.20230128052013.el9ost | |
| Status | ON_DEV | MODIFIED | ||
| errata-xmlrpc | 2023-06-20 22:17:17 UTC | Status | MODIFIED | ON_QA |
| James E. LaBarre | 2023-06-30 12:12:52 UTC | CC | jlabarre | |
| Status | ON_QA | VERIFIED | ||
| Jenny-Anne Lynch | 2023-07-19 14:19:32 UTC | CC | jelynch | |
| Ian Frangs | 2023-08-03 15:46:23 UTC | Flags | needinfo?(jkreger) | |
| Ian Frangs | 2023-08-11 13:24:44 UTC | Doc Type | Known Issue | Bug Fix |
| Doc Text | There is currently a known issue where changes to the Block Storage service (cinder), related to link:https://access.redhat.com/security/cve/CVE-2023-2088[CVE-2023-2088], impact the ability of the Bare Metal Provisioning service (ironic) to detach a volume that is attached to a physical bare metal node. The detachment is required for the teardown of physical machines with an instance deployed on them. You can deploy bare-metal instances by using the Compute service (nova) or by using the boot from volume functionality. However, you cannot automatically tear down instances by using boot from Block Storage service volumes. There is no workaround for this issue. A fix is expected in the Red Hat OpenStack Platform 17.1 GA release. | Before this update, the Bare Metal Provisioning service (ironic) was unable to detach a Block Storage service (cinder) volume from a physical bare metal node. This volume detachment is required to tear down physical machines that have an instance deployed on them by using the boot from volume functionality. With this update, the Bare Metal Provisioning service (ironic) can detach a volume from a physical bare metal node to automatically tear down these physical machines. | ||
| Flags | needinfo?(jkreger) | needinfo- | ||
| CC | ifrangs | |||
| errata-xmlrpc | 2023-08-16 00:03:28 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2023-08-16 01:15:29 UTC | Resolution | --- | ERRATA |
| Status | RELEASE_PENDING | CLOSED | ||
| Last Closed | 2023-08-16 01:15:29 UTC | |||
| errata-xmlrpc | 2023-08-16 01:15:53 UTC | Link ID | Red Hat Product Errata RHEA-2023:4577 |
Back to bug 2211691