Bug 1824416
Summary: | NBDE cleanup playbook when run prematurely removes the keyslot on root disk | ||
---|---|---|---|
Product: | [Red Hat Storage] Red Hat Gluster Storage | Reporter: | SATHEESARAN <sasundar> |
Component: | gluster-ansible | Assignee: | Gobinda Das <godas> |
Status: | CLOSED ERRATA | QA Contact: | SATHEESARAN <sasundar> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | rhgs-3.5 | CC: | godas, pprakash, puebele, rhs-bugs, sabose, sasundar |
Target Milestone: | --- | Keywords: | ZStream |
Target Release: | RHGS 3.5.z Batch Update 2 | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | gluster-ansible-roles-1.0.5-10.el8rhgs | Doc Type: | No Doc Update |
Doc Text: | Story Points: | --- | |
Clone Of: | 1824414 | Environment: |
rhhiv, rhel8
|
Last Closed: | 2020-06-16 05:57:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1824414 |
Description
SATHEESARAN
2020-04-16 07:39:07 UTC
Only the slots containing the Clevis needs to be removed. This information can be obtained from clevis-luks-list command [root@ ~]# clevis-luks-list -d /dev/sda2 2: tang '{"url":"http://dhcp35-220.lab.eng.blr.redhat.com:7500"}' 3: tang '{"url":"http://dhcp35-114.lab.eng.blr.redhat.com"}' In this case, the values that needs to used are 2 and 3. clevis-luks-unbind -d /dev/sda2 -s 2 clevis-luks-unbind -d /dev/sda2 -s 3 No other slots should be used, because, the other keyslots may have key information pertaining to other keys Tested with gluster-ansible-roles-1.0.5-12.el8rhgs 1. Start NBDE playbook with incorrect disks 2. When the NBDE setup fails, perform cleanup 3. Check for the keyslots on the root disk. Root disk has that slot0 preserved. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2020:2575 |