Bug #55167
closed
ceph-volume lvm new-db does not create encrypted devices
Added by Marius Schiffer about 2 years ago.
Updated 8 months ago.
Backport:
reef, quincy, pacific
Description
If an OSD is created with --dmcrypt and later a DB or WAL device is added via ceph-volume new-db/new-wal, no LUKS device is created in the specified LV.
Instead the LV is used directly. Consequently, OSD activation fails as luksOpen fails.
During activation, ceph-volume wants to open the DB as an encrypted device, which it isn't. Manually creating the block.db symlink in the tmpfs allows starting.
Migrate also does not take encrypted devices into account.
I'm currently working on a fix
- Status changed from New to In Progress
- Assignee set to Marius Schiffer
Marius, any progress on that?
- Assignee changed from Marius Schiffer to Igor Fedotov
- Backport set to reef, quincy, pacific
- Pull request ID set to 50429
- Pull request ID changed from 50429 to 50427
- Status changed from In Progress to Pending Backport
- Copied to Backport #62358: reef: ceph-volume lvm new-db does not create encrypted devices added
- Copied to Backport #62359: quincy: ceph-volume lvm new-db does not create encrypted devices added
- Copied to Backport #62360: pacific: ceph-volume lvm new-db does not create encrypted devices added
- Tags set to backport_processed
- Status changed from Pending Backport to Resolved
Also available in: Atom
PDF