+++ This bug was initially created as a clone of Bug #1362514 +++ +++ This bug was initially created as a clone of Bug #1362512 +++ Description of problem: The following failure is seen when attempting to attach multipath backed encrypted volumes to an instance : 2016-08-01 18:27:32.081 13629 DEBUG nova.openstack.common.processutils [req-945b0e6f-b1ed-47b1-9fec-86058d8a2225 ] Running cmd (subprocess): sudo nova-rootwrap /etc/nova/rootwrap.conf cryptsetup luksOpen --key-file=- /dev/dm-8 3600a098038303365763f476c63634758 execute /usr/lib/python2.7/site-packages/nova/openstack/common/processutils.py:171 This is due to a 3600a098038303365763f476c63634758 device already present and in-use on the host. The following change recently corrected this against master : Fix multipath iSCSI encrypted volume attach failure https://review.openstack.org/#/c/196482/ This is only present in OSP 6 and 7 with the following Cinder bugfix : Cinder volume encryption with iSCSI backend doesn't work https://bugzilla.redhat.com/show_bug.cgi?id=1359197 Version-Release number of selected component (if applicable): OSP 6,7,8,9 How reproducible: Always Steps to Reproduce: 1. Attempt to attach a multipath backed encrypted volume to an instance. Actual results: `cryptsetup luksOpen` fails. Expected results: `cryptsetup luksOpen` succeeds and the volume is correctly attached. Additional info:
[root@serverC]# yum list installed | grep openstack-nova openstack-nova-api.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-cert.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-common.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-compute.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-conductor.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-console.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-novncproxy.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 openstack-nova-scheduler.noarch 2015.1.4-12.el7ost @RH7-RHOS-7.0 [root@serverC]# cinder show 10edcf97-4161-4463-81d8-287595791ffb +---------------------------------------+--------------------------------------+ | Property | Value | +---------------------------------------+--------------------------------------+ | attachments | [] | | availability_zone | nova | | bootable | false | | created_at | 2016-08-16T00:15:17.000000 | | display_description | None | | display_name | vol1 | | encrypted | True | | id | 10edcf97-4161-4463-81d8-287595791ffb | | metadata | {} | | multiattach | false | | os-vol-host-attr:host | lynx13.qa.lab.tlv.redhat.com@lvm#lvm | | os-vol-mig-status-attr:migstat | None | | os-vol-mig-status-attr:name_id | None | | os-vol-tenant-attr:tenant_id | 1c54f9d3f7d64c7d9d3bc79c9e134105 | | os-volume-replication:driver_data | None | | os-volume-replication:extended_status | None | | size | 2 | | snapshot_id | None | | source_volid | None | | status | available | | volume_type | iscsi | +---------------------------------------+--------------------------------------+ [root@serverC]# cinder show fa632dc8-7091-4280-b672-c5712269aa07 +---------------------------------------+--------------------------------------+ | Property | Value | +---------------------------------------+--------------------------------------+ | attachments | [] | | availability_zone | nova | | bootable | false | | created_at | 2016-08-16T00:15:14.000000 | | display_description | None | | display_name | vol1 | | encrypted | True | | id | fa632dc8-7091-4280-b672-c5712269aa07 | | metadata | {} | | multiattach | false | | os-vol-host-attr:host | lynx13.qa.lab.tlv.redhat.com@lvm#lvm | | os-vol-mig-status-attr:migstat | None | | os-vol-mig-status-attr:name_id | None | | os-vol-tenant-attr:tenant_id | 1c54f9d3f7d64c7d9d3bc79c9e134105 | | os-volume-replication:driver_data | None | | os-volume-replication:extended_status | None | | size | 1 | | snapshot_id | None | | source_volid | None | | status | available | | volume_type | iscsi | +---------------------------------------+--------------------------------------+ [root@serverC]# nova list +--------------------------------------+------+--------+------------+-------------+------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+------+--------+------------+-------------+------------------+ | a01459ab-7360-487e-b4a1-d0dacd1d21d7 | vm1 | ACTIVE | - | Running | private=10.0.0.4 | +--------------------------------------+------+--------+------------+-------------+------------------+ [root@serverC]# [root@serverC]# nova volume-attach vm1 fa632dc8-7091-4280-b672-c5712269aa07 +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdb | | id | fa632dc8-7091-4280-b672-c5712269aa07 | | serverId | a01459ab-7360-487e-b4a1-d0dacd1d21d7 | | volumeId | fa632dc8-7091-4280-b672-c5712269aa07 | +----------+--------------------------------------+ [root@serverC]# nova volume-attach vm1 10edcf97-4161-4463-81d8-287595791ffb +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdc | | id | 10edcf97-4161-4463-81d8-287595791ffb | | serverId | a01459ab-7360-487e-b4a1-d0dacd1d21d7 | | volumeId | 10edcf97-4161-4463-81d8-287595791ffb | +----------+--------------------------------------+ [root@serverC]# [root@serverC]# cinder list +--------------------------------------+-----------+--------------+------+-------------+----------+--------------------------------------+ | ID | Status | Display Name | Size | Volume Type | Bootable | Attached to | +--------------------------------------+-----------+--------------+------+-------------+----------+--------------------------------------+ | 10edcf97-4161-4463-81d8-287595791ffb | in-use | vol1 | 2 | iscsi | false | a01459ab-7360-487e-b4a1-d0dacd1d21d7 | | 1bb3b055-c589-4d21-9d57-60ae3e0c0cab | available | - | 1 | - | true | | | fa632dc8-7091-4280-b672-c5712269aa07 | in-use | vol1 | 1 | iscsi | false | a01459ab-7360-487e-b4a1-d0dacd1d21d7 | +--------------------------------------+-----------+--------------+------+-------------+----------+--------------------------------------+
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-1623.html