Fuel for OpenStack

Ceph deployment failed with ceph auth error auth add client.compute --in-file=/etc/ceph/ceph.client.compute.keyring returned 1 instead of one of [0]

Bug #1578566 reported by Tatyanka
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Committed
Critical
Oleksiy Molchanov
Fuel for OpenStack 10.0

Bug Description

Scenario:
            1. Create cluster
            2. Add 3 nodes with controller and ceph OSD roles
            3. Add 2 nodes with compute
            4. Deploy the cluster
            5. Run OSTF

Actual:
ceph-compute task failed on both compute nodes:
http://paste.openstack.org/show/496198/

iso: 164

Reproduced regurally on fuel-ci:
https://ci.fuel-infra.org/job/master.fuel-ostf.pkgs.ubuntu.gate_ostf_update/376/
https://ci.fuel-infra.org/job/master.fuel-ostf.pkgs.ubuntu.gate_ostf_update/372/console
https://ci.fuel-infra.org/job/master.fuel-ostf.pkgs.ubuntu.gate_ostf_update/371/console

Tags: area-puppet
Revision history for this message
Tatyanka (tatyana-leontovich) wrote :
Ivan Berezovskiy (iberezovskiy)
Changed in fuel:
assignee: MOS Puppet Team (mos-puppet) → MOS Ceph (mos-ceph)
status: New → Confirmed
Revision history for this message
Alexei Sheplyakov (asheplyakov) wrote :

> 2. Add 3 nodes with controller and ceph OSD roles

First of all deploying ceph OSD and monitor onto the same node is not supported [1]
(although it's possible to setup ceph that way manually for testing/development purposes).

2016-05-05 01:29:36 +0000 /Stage[main]/Ceph::Osds/Ceph::Osd[/dev/vdc3]/Exec[ceph-osd-prepare-/dev/vdc3]/returns (notice): Error: Partition(s) 1 on /dev/vdc3 have been written, but we have been unable to inform the kernel of the change, probably because it/they are in use. As a result, the old partition(s) will remain in use. You should reboot now before making further changes.
2016-05-05 01:29:36 +0000 /Stage[main]/Ceph::Osds/Ceph::Osd[/dev/vdc3]/Exec[ceph-osd-prepare-/dev/vdc3]/returns (notice): + udevadm settle

Secondly it looks like Fuel tries to alter auth rules before fetching the client.admin keyring:

$ ls -1 node-2/etc/ceph/
ceph.client.compute.keyring
ceph.conf
rbdmap

There's no ceph.client.admin.keyring so any ceph command is deemed to fail:

2016-05-05T01:30:26.898433+00:00 notice: (/Stage[main]/Osnailyfacter::Ceph::Ceph_compute/Ceph::Key[client.compute]/Exec[ceph-injectkey-client.compute]/returns) + ceph auth add client.compute --in-file=/etc/ceph/ceph.client.compute.keyring
2016-05-05T01:30:26.898433+00:00 notice: (/Stage[main]/Osnailyfacter::Ceph::Ceph_compute/Ceph::Key[client.compute]/Exec[ceph-injectkey-client.compute]/returns) 2016-05-05 01:30:26.873878 7f5d717d5700 -1 monclient(hunting): ERROR: missing keyring, cannot use cephx for authentication
2016-05-05T01:30:26.898433+00:00 notice: (/Stage[main]/Osnailyfacter::Ceph::Ceph_compute/Ceph::Key[client.compute]/Exec[ceph-injectkey-client.compute]/returns) 2016-05-05 01:30:26.873957 7f5d717d5700 0 librados: client.admin initialization error (2) No such file or directory
2016-05-05T01:30:26.898433+00:00 notice: (/Stage[main]/Osnailyfacter::Ceph::Ceph_compute/Ceph::Key[client.compute]/Exec[ceph-injectkey-client.compute]/returns) Error connecting to cluster: ObjectNotFound

[1] http://docs.ceph.com/docs/hammer/start/hardware-recommendations/#hard-disk-drives

Changed in fuel:
assignee: MOS Ceph (mos-ceph) → nobody
assignee: nobody → MOS Puppet Team (mos-puppet)
Revision history for this message
Alexei Sheplyakov (asheplyakov) wrote :

> Fuel tries to alter auth rules before fetching the client.admin keyring:

> $ ls -1 node-2/etc/ceph/
> ceph.client.compute.keyring
> ceph.conf
> rbdmap

> There's no ceph.client.admin.keyring so any ceph command is deemed to fail

Reassigning to MOS puppet team

Revision history for this message
Alexei Sheplyakov (asheplyakov) wrote :

> There's no ceph.client.admin.keyring so any ceph command is deemed to fail

There's a nice tool called ceph-deploy which handles a lot of such tiny details, please use that instead of reinventing the wheel

Oleksiy Molchanov (omolchanov)
Changed in fuel:
assignee: MOS Puppet Team (mos-puppet) → Oleksiy Molchanov (omolchanov)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/315486

Changed in fuel:
status: Confirmed → In Progress
Timur Nurlygayanov (tnurlygayanov)
no longer affects: fuel/mitaka
Revision history for this message
Timur Nurlygayanov (tnurlygayanov) wrote :

fix is merged, status changed to Fix Committed.
We are going to verify the fix.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/315486
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=4790ef88dedd2d1d1f90477997224eda70ae8f39
Submitter: Jenkins
Branch: master

commit 4790ef88dedd2d1d1f90477997224eda70ae8f39
Author: Oleksiy Molchanov <email address hidden>
Date: Thu May 12 14:07:53 2016 +0300

    Add admin key to compute nodes

    * Add admin-key file to compute nodes in order to inject compute keys
    * Remove keys/fsid defaults and add validation

    Change-Id: I25774dbcc3beb00e6795c3cc29ab4c346a7af221
    Closes-Bug: 1578566

Dmitry Pyzhov (dpyzhov)
no longer affects: fuel/newton
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.