hi,
anybody see this error before, while integrating red hat open stack with ubuntu ceph
overcloud-computeids-2 | error={"ansible_job_id": "34
6042025410.662459", "attempts": 2, "changed": false, "finished": 1, "msg": "Paunch failed with config_id tripleo_step4", "rc": 1, "stderr": "Error executing ['podman', 'container', 'exists'
, 'nova_libvirt_init_secret']: returned 1\nDid not find container with \"['podman', 'ps', '-a', '--filter', 'label=container_name=nova_libvirt_init_secret', '--filter', 'label=config_id=tri
pleo_step4', '--format', '{{.Names}}']\" - retrying without config_id\nDid not find container with \"['podman', 'ps', '-a', '--filter', 'label=container_name=nova_libvirt_init_secret', '--f
ormat', '{{.Names}}']\"\nError executing ['podman', 'run', '--name', 'nova_libvirt_init_secret', '--label', 'config_id=tripleo_step4', '--label', 'container_name=nova_libvirt_init_secret',
'--label', 'managed_by=tripleo-Computeids', '--label', 'config_data={\"command\": [\"/bin/bash\", \"-c\", \"/usr/bin/virsh secret-define --file /etc/nova/secret.xml && SECRET_UUID=$(fgrep \
\\\\"fsid = \\\\\" /etc/ceph/ceph.conf | cut -d \\\\\" \\\\\" -f 3) && test -n \\\\\"$SECRET_UUID\\\\\" && SECRET_KEY=$(fgrep \\\\\"key = \\\\\" /etc/ceph/ceph.client.openstack.keyring | cu
t -d \\\\\" \\\\\" -f 3) && test -n \\\\\"$SECRET_KEY\\\\\" && /usr/bin/virsh secret-set-value --secret $SECRET_UUID --base64 $SECRET_KEY\\\\n\"], \"detach\": false, \"image\": \"192.168.0.
1:8787/rhosp-rhel8/openstack-nova-libvirt:16.2\", \"net\": \"host\", \"privileged\": false, \"security_opt\": \"label=disable\", \"user\": \"root\", \"volumes\": [\"/etc/hosts:/etc/hosts:ro
\", \"/etc/localtime:/etc/localtime:ro\", \"/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro\", \"/etc/pki/ca-trust/source/anchors:/etc/pki/ca-trust/source/anchors:ro\", \"/etc/pk
i/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro\", \"/etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro\", \"/etc/pki/tls/cert.pem:/etc/pki/tls/c
ert.pem:ro\", \"/dev/log:/dev/log\", \"/etc/puppet:/etc/puppet:ro\", \"/var/lib/config-data/puppet-generated/nova_libvirt/etc/nova:/etc/nova:ro\", \"/etc/ceph:/etc/ceph:ro\", \"/etc/libvirt
:/etc/libvirt\", \"/var/run/libvirt:/var/run/libvirt:shared,z\", \"/var/lib/libvirt:/var/lib/libvirt:shared\"], \"environment\": {\"TRIPLEO_CONFIG_HASH\": \"f780b2585d2cb2edc5954608158cf938
\"}}', '--conmon-pidfile=/var/run/nova_libvirt_init_secret.pid', '--log-driver', 'k8s-file', '--log-opt', 'path=/var/log/containers/stdouts/nova_libvirt_init_secret.log', '--env=TRIPLEO_CON
The tripleo_nova_libvirt ansible role is running the libvirt commands, with an already existing cephx key, described here:
It is trying to run these commands inside the container nova_libvirt_init_secret but it cannot find it.
SSH into overcloud-computeids-2 to debug. Looks like you're using an older version which used paunch to interface with the containers.
If this bit of ansible is able to do its job correctly, then it should create the libvirt secret and you should see something like this:
[stack@centos standalone]$ sudo podman exec -ti nova_compute /bin/bash
bash-5.1$ ls /etc/ceph/
ceph.conf ceph.openstack.keyring rbdmap
bash-5.1$
bash-5.1$ cat /etc/nova/secret.xml
<secret ephemeral='no' private='no'>
<usage type='ceph'>
<name>client.openstack secret</name>
</usage>
<uuid>604c9994-1d82-11ed-8ae5-5254003d6107</uuid>
</secret>
bash-5.1$
John