Bug 1500727

Summary: [ceph-ansible] [ceph-container] : dmcrypt OSDs - open_encrypted_part failing
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Vasishta <vashastr>
Component: Ceph-AnsibleAssignee: Sébastien Han <shan>
Status: CLOSED ERRATA QA Contact: Vasishta <vashastr>
Severity: high Docs Contact:
Priority: high    
Version: 3.0CC: adeza, anharris, aschoen, ceph-eng-bugs, gmeno, kdreyer, nthomas, sankarshan
Target Milestone: rc   
Target Release: 3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: RHEL: ceph-ansible-3.0.2-1 Ubuntu: ceph-ansible-3.0.2-2redhat1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-05 23:47:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Vasishta 2017-10-11 11:43:03 UTC 
Description of problem:
open_encrypted_part is failing on dmcrypt OSDs. After playbook run completed without any failures OSDs were not up and in, even though containers were up, services were active+running.

Version-Release number of selected component (if applicable):
ceph-ansible-3.0.0-0.1.rc19.el7cp.noarch

How reproducible:
Always (3/3)

Steps to Reproduce:
1. Configure ceph-ansible to initialize a cluster with dmcrypt OSDs 
2. Run playbook.

Actual results (from OSD journald log):
Stuck at -
open_encrypted_part(): cryptsetup --key-file - luksOpen /dev/sdb1 daf83444-815d-4d55-b986-789c582ded0d

Expected results:
OSD configuration must be successful with OSDs up and in.

Additional info:
We tried executing open_encrypted_part manually which failed as keyring was not present inside osd-lockbox directory

It has been discussed with Sebastien, adding PR here
Comment 2 Sébastien Han 2017-10-11 12:29:19 UTC 
Fixed is in https://github.com/ceph/ceph-ansible/releases/tag/v3.0.1
Comment 3 Vasishta 2017-10-11 16:22:55 UTC 
Hi Ken,

Can we get the downstream build ASAP, as it is blocking one of our test scenarios ?

Thanks,
Vasishta
Comment 8 Vasishta 2017-10-16 09:40:20 UTC 
Hi Drew,

Sorry for missing it, Thanks a lot for the information.

Working fine with ceph-ansible-3.0.2-1.el7cp.noarch, moving to VERIFIED state.

Regards,
Vasishta
Comment 11 errata-xmlrpc 2017-12-05 23:47:58 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3387