From 74169ca3944358be6a9bcf94d3df886e268312bb Mon Sep 17 00:00:00 2001 From: Satoru Takeuchi Date: Fri, 24 Apr 2020 16:56:03 +0000 Subject: [PATCH] cephadm: fix the hang-up of cryptsetup on creating encrypted OSD Creating encrypted OSD fails due to the container's dedicated ipc namespace. Sharing the ipc namespace with host resolve this problem. Here is the log. ``` host# cephadm shell ... # cat spec.yaml service_type: osd service_id: example_osd_spec placement: host_pattern: '*' data_devices: all: true encrypted: true # ceph orch apply osd -i spec.yaml NAME HOST DATA DB WAL example_osd_spec ubuntu1804 /dev/sdb - - # ceph osd tree ID CLASS WEIGHT TYPE NAME STATUS REWEIGHT PRI-AFF -1 0 root default 0 0 osd.0 down 0 1.00000 ``` It happens because cryptsetup wait some semaphore forever. This semaphore is acquired in the host namespace. ``` # exit # log out from shell host# pstree -p ... | |-containerd-shim(11804)-+-ceph-volume(11821)---cryptsetup(12004) ... host# ps --pid 12004 -o pid,comm,args,wchan PID COMMAND COMMAND WCHAN 12004 cryptsetup /usr/sbin/cryptsetup --key- semtimedop host# ``` Signed-off-by: Satoru Takeuchi (cherry picked from commit bcdabfc96c15c83afc01c155eb6b424a609271ae) --- src/cephadm/cephadm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm index 7c4dc03eb54c7..55b21723759df 100755 --- a/src/cephadm/cephadm +++ b/src/cephadm/cephadm @@ -2120,6 +2120,7 @@ class CephContainer: 'run', '--rm', '--net=host', + '--ipc=host', ] + self.container_args + priv + \ cname + envs + \ vols + entrypoint + \ @@ -2153,6 +2154,7 @@ class CephContainer: 'run', '--rm', '--net=host', + '--ipc=host', ] + self.container_args + priv + envs + vols + [ '--entrypoint', cmd[0], self.image -- 2.39.5