broken authentication when using multiple ceph backends on a single cinder application
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Cinder Charm |
Fix Released
|
High
|
James Page | ||
OpenStack Cinder-Ceph charm |
Fix Released
|
High
|
James Page |
Bug Description
When removing a cinder-ceph storage backend relation we ended up with a env var override for the cinder service that referenced the non-existing ceph authx key from cinder-ceph
Detail:
1. Pre-existing cinder service configured for rbd backend
2. Added a cinder-ceph service foo-storage and relate to cinder
3. Removed relation cinder - cinder-ceph
This reconfigured the original rbd backend in cinder.conf, however it left an override for ceph authx behind:
cat /etc/init/
env CEPH_ARGS="--id foo-storage"
As the foo-storage key doesn't exist at this point the cinder-volume service errored out with (redacted):
2018-05-04 14:22:19.576 4010160 ERROR cinder.
Command: ceph mon dump --format=json --id cinder --cluster ceph
Exit code: 1
Stdout: u''
Stderr: u'2018-05-04 14:22:19.561548 7ff990749700 -1 auth: unable to find a keyring on /etc/ceph/
61562 7ff990749700 0 librados: client.foo-storage initialization error (2) No such file or directory\nError connecting to cluster: ObjectNotFound\n').
Afaict those env settings are done on ceph-relation-
Version info: 17.08 charms on a trusty/mitaka cloud.
description: | updated |
Changed in charm-cinder: | |
status: | Fix Committed → Fix Released |
Changed in charm-cinder-ceph: | |
status: | Fix Committed → Fix Released |
I think this is side-effect of the history of this deployment - the ceph support directly in the cinder charm also writes this override, but I'm pretty sure that for any recent openstack release its simply not required so we could drop it from the charm and tidy up in a commit.
However that probably does not help the 'how do I move to cinder-ceph' use case that you have here.