yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #94852
[Bug 2087913] [NEW] [cinder] cryptsetup permission issue with lock directory in cinder-volume deployment
Public bug reported:
The cinder-volume deployment is encountering permission issues with
cryptsetup operations due to missing lock directory configuration. While
/run/lock is mounted, cryptsetup additionally requires access to
/run/cryptsetup.
## Backend Storage Behavior
- **Ceph**: Works correctly without lock directory issues
- **NetApp**: Fails with exit code 5 due to lock directory permissions
- **PowerFlex**: Experiences similar issues as NetApp configuration
## Error message shows : cryptsetup command fails with exit code 5
ERROR cinder.volume.volume_utils oslo_concurrency.processutils.ProcessExecutionError: Unexpected error while running command.
ERROR cinder.volume.volume_utils Command: cryptsetup luksOpen --key-file=- /dev/dm-2 crypt-os-brick+dev+dm-2
ERROR cinder.volume.volume_utils Exit code: 5
ERROR cinder.volume.volume_utils Stdout: ''
ERROR cinder.volume.volume_utils Stderr: 'Failed to acquire read lock on device /dev/dm-2.\nDevice /dev/dm-2 is not a valid LUKS device.\n'
ERROR cinder.volume.volume_utils
## Expected Behavior : non-encrypted volumes should return exit code 1
** Affects: cinder
Importance: Undecided
Status: New
** Affects: openstack-helm
Importance: Undecided
Status: New
** Project changed: keystone => cinder
** Also affects: openstack-helm
Importance: Undecided
Status: New
** Description changed:
The cinder-volume deployment is encountering permission issues with
cryptsetup operations due to missing lock directory configuration. While
/run/lock is mounted, cryptsetup additionally requires access to
/run/cryptsetup.
+
+ ## Backend Storage Behavior
+ - **Ceph**: Works correctly without lock directory issues
+ - **NetApp**: Fails with exit code 5 due to lock directory permissions
+ - **PowerFlex**: Experiences similar issues as NetApp configuration
## Error message shows : cryptsetup command fails with exit code 5
ERROR cinder.volume.volume_utils oslo_concurrency.processutils.ProcessExecutionError: Unexpected error while running command.
ERROR cinder.volume.volume_utils Command: cryptsetup luksOpen --key-file=- /dev/dm-2 crypt-os-brick+dev+dm-2
ERROR cinder.volume.volume_utils Exit code: 5
ERROR cinder.volume.volume_utils Stdout: ''
ERROR cinder.volume.volume_utils Stderr: 'Failed to acquire read lock on device /dev/dm-2.\nDevice /dev/dm-2 is not a valid LUKS device.\n'
ERROR cinder.volume.volume_utils
## Expected Behavior : non-encrypted volumes should return exit code 1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/2087913
Title:
[cinder] cryptsetup permission issue with lock directory in cinder-
volume deployment
Status in Cinder:
New
Status in openstack-helm:
New
Bug description:
The cinder-volume deployment is encountering permission issues with
cryptsetup operations due to missing lock directory configuration.
While /run/lock is mounted, cryptsetup additionally requires access to
/run/cryptsetup.
## Backend Storage Behavior
- **Ceph**: Works correctly without lock directory issues
- **NetApp**: Fails with exit code 5 due to lock directory permissions
- **PowerFlex**: Experiences similar issues as NetApp configuration
## Error message shows : cryptsetup command fails with exit code 5
ERROR cinder.volume.volume_utils oslo_concurrency.processutils.ProcessExecutionError: Unexpected error while running command.
ERROR cinder.volume.volume_utils Command: cryptsetup luksOpen --key-file=- /dev/dm-2 crypt-os-brick+dev+dm-2
ERROR cinder.volume.volume_utils Exit code: 5
ERROR cinder.volume.volume_utils Stdout: ''
ERROR cinder.volume.volume_utils Stderr: 'Failed to acquire read lock on device /dev/dm-2.\nDevice /dev/dm-2 is not a valid LUKS device.\n'
ERROR cinder.volume.volume_utils
## Expected Behavior : non-encrypted volumes should return exit code 1
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/2087913/+subscriptions
