← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1895696] Re: unable to boot instance from encrypted volume created from a glance image of an encrypted volume

 

** Also affects: nova/ussuri
   Importance: Undecided
       Status: New

** Changed in: nova/ussuri
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1895696

Title:
  unable to boot instance from encrypted volume created from a glance
  image of an encrypted volume

Status in Cinder:
  New
Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) ussuri series:
  Fix Released

Bug description:
  Description
  ===========
  What the title says, plus see "steps to reproduce" below.
  This is a regression caused by the fix for https://bugs.launchpad.net/nova/+bug/1852106

  Steps to Reproduce
  ==================
  1. Let Image-1 be a "regular" (non-encrypted, bootable) image in Glance (like the cirros image).
  2. Create volume V-1 in Cinder from Image-1 specifying encrypted volume-type T-1.
  3. Boot an instance from V-1 (make sure delete-on-terminate is false).  Works fine.  Delete the instance to free up the volume.
  4. Call cinder upload-to-image on V-1 to create Image-2.
  5. Create volume V-2 in Cinder specifying encrypted volume-type T-1 from Image-2.
  6. Boot an instance from V-2.

  Expected result
  ===============
  Working instance booted from volume.

  Actual result
  =============
  ERROR (BadRequest): Image None is unacceptable: Direct booting of an image uploaded from an encrypted volume is unsupported. (HTTP 400)

  
  Note:
  If we bypass the check at https://review.opendev.org/#/c/707738/3/nova/compute/api.py@894, the instance goes 'active' and is operable (you can ssh into it).  (Of course, we don't want to bypass the check, it just needs to be made aware that we are booting from a volume, not trying to boot from an image.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1895696/+subscriptions


References