+++ This bug was initially created as a clone of Bug #1362512 +++ Description of problem: The following failure is seen when attempting to attach multipath backed encrypted volumes to an instance : 2016-08-01 18:27:32.081 13629 DEBUG nova.openstack.common.processutils [req-945b0e6f-b1ed-47b1-9fec-86058d8a2225 ] Running cmd (subprocess): sudo nova-rootwrap /etc/nova/rootwrap.conf cryptsetup luksOpen --key-file=- /dev/dm-8 3600a098038303365763f476c63634758 execute /usr/lib/python2.7/site-packages/nova/openstack/common/processutils.py:171 This is due to a 3600a098038303365763f476c63634758 device already present and in-use on the host. The following change recently corrected this against master : Fix multipath iSCSI encrypted volume attach failure https://review.openstack.org/#/c/196482/ This is only present in OSP 6 and 7 with the following Cinder bugfix : Cinder volume encryption with iSCSI backend doesn't work https://bugzilla.redhat.com/show_bug.cgi?id=1359197 Version-Release number of selected component (if applicable): OSP 6,7,8,9 How reproducible: Always Steps to Reproduce: 1. Attempt to attach a multipath backed encrypted volume to an instance. Actual results: `cryptsetup luksOpen` fails. Expected results: `cryptsetup luksOpen` succeeds and the volume is correctly attached. Additional info:
Verified as follows, [root@serverX]# yum list installed | grep openstack-nova openstack-nova-api.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-cert.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-common.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-compute.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-conductor.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-console.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-novncproxy.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 openstack-nova-scheduler.noarch 1:12.0.4-6.el7ost @RH7-RHOS-8.0 [root@lynx13 ~]# [root@serverX]# nova list +--------------------------------------+------+--------+------------+-------------+------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+------+--------+------------+-------------+------------------+ | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | vm1 | ACTIVE | - | Running | private=10.0.0.5 | +--------------------------------------+------+--------+------------+-------------+------------------+ [root@serverX]# cinder show vol1 +---------------------------------------+--------------------------------------+ | Property | Value | +---------------------------------------+--------------------------------------+ | attachments | [] | | availability_zone | nova | | bootable | false | | consistencygroup_id | None | | created_at | 2016-08-16T01:59:39.000000 | | description | None | | encrypted | True | | id | 6abc02fb-68d5-4759-983f-40860c613539 | | metadata | {} | | migration_status | None | | multiattach | False | | name | vol1 | | os-vol-host-attr:host | lynx13@lvm#lvm | | os-vol-mig-status-attr:migstat | None | | os-vol-mig-status-attr:name_id | None | | os-vol-tenant-attr:tenant_id | 1c54f9d3f7d64c7d9d3bc79c9e134105 | | os-volume-replication:driver_data | None | | os-volume-replication:extended_status | None | | replication_status | disabled | | size | 1 | | snapshot_id | None | | source_volid | None | | status | available | | user_id | 2216ac1b193f4ad2b21055d862c7992c | | volume_type | iscsi | +---------------------------------------+--------------------------------------+ [root@serverX]# cinder show vol2 +---------------------------------------+--------------------------------------+ | Property | Value | +---------------------------------------+--------------------------------------+ | attachments | [] | | availability_zone | nova | | bootable | false | | consistencygroup_id | None | | created_at | 2016-08-16T01:59:44.000000 | | description | None | | encrypted | True | | id | a52fb730-e608-42e0-9910-d9428e1c8ee5 | | metadata | {} | | migration_status | None | | multiattach | False | | name | vol2 | | os-vol-host-attr:host | lynx13@lvm#lvm | | os-vol-mig-status-attr:migstat | None | | os-vol-mig-status-attr:name_id | None | | os-vol-tenant-attr:tenant_id | 1c54f9d3f7d64c7d9d3bc79c9e134105 | | os-volume-replication:driver_data | None | | os-volume-replication:extended_status | None | | replication_status | disabled | | size | 1 | | snapshot_id | None | | source_volid | None | | status | available | | user_id | 2216ac1b193f4ad2b21055d862c7992c | | volume_type | iscsi | +---------------------------------------+--------------------------------------+ [root@serverX]# [root@serverX]# nova volume-attach vm1 6abc02fb-68d5-4759-983f-40860c613539 +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdb | | id | 6abc02fb-68d5-4759-983f-40860c613539 | | serverId | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | | volumeId | 6abc02fb-68d5-4759-983f-40860c613539 | +----------+--------------------------------------+ [root@serverX]# nova volume-attach vm1 a52fb730-e608-42e0-9910-d9428e1c8ee5 +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdc | | id | a52fb730-e608-42e0-9910-d9428e1c8ee5 | | serverId | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | | volumeId | a52fb730-e608-42e0-9910-d9428e1c8ee5 | +----------+--------------------------------------+ [root@serverX]# cinder list +--------------------------------------+-----------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ | ID | Status | Migration Status | Name | Size | Volume Type | Bootable | Multiattach | Attached to | +--------------------------------------+-----------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ | 6abc02fb-68d5-4759-983f-40860c613539 | in-use | - | vol1 | 1 | iscsi | false | False | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | | a52fb730-e608-42e0-9910-d9428e1c8ee5 | attaching | - | vol2 | 1 | iscsi | false | False | | +--------------------------------------+-----------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ [root@serverX]# cinder list +--------------------------------------+--------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ | ID | Status | Migration Status | Name | Size | Volume Type | Bootable | Multiattach | Attached to | +--------------------------------------+--------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ | 6abc02fb-68d5-4759-983f-40860c613539 | in-use | - | vol1 | 1 | iscsi | false | False | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | | a52fb730-e608-42e0-9910-d9428e1c8ee5 | in-use | - | vol2 | 1 | iscsi | false | False | 0bf61fac-2700-4490-b7b2-d6cd9a5ff6d8 | +--------------------------------------+--------+------------------+------+------+-------------+----------+-------------+--------------------------------------+ [root@serverX]# multipath -ll 36001405afe50f730f8246b0ad4d7c417 dm-2 LIO-ORG ,IBLOCK size=1.0G features='0' hwhandler='0' wp=rw |-+- policy='service-time 0' prio=1 status=active | `- 6:0:0:0 sdb 8:16 active ready running `-+- policy='service-time 0' prio=1 status=enabled `- 7:0:0:0 sdc 8:32 active ready running 36001405418fa155253b45ec8febd642e dm-4 LIO-ORG ,IBLOCK size=1.0G features='0' hwhandler='0' wp=rw |-+- policy='service-time 0' prio=1 status=active | `- 8:0:0:0 sdd 8:48 active ready running `-+- policy='service-time 0' prio=1 status=enabled `- 9:0:0:0 sde 8:64 active ready running [root@serverX]#
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-1794.html