Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 97ef5a5)
Set ipc=host for services attaching encrypted volumes
authorEric Harney <eharney@redhat.com>
Wed, 1 Nov 2017 19:47:01 +0000 (15:47 -0400)
committerEmilien Macchi <emilien@redhat.com>
Sat, 4 Nov 2017 05:20:35 +0000 (05:20 +0000)
Without ipc=host set, cryptsetup/devicemapper will never
see devices created when running "cryptsetup luksOpen",
causing the command to hang.

This is required for attaching encrypted Cinder volumes.

Closes-Bug: #1729419
Change-Id: Ic7184b1fbbafea266f8ec1e7974d0a4a2cf4d750
(cherry picked from commit 05b61472463d5dbde3f1b1285819044409a80e2e)

docker/services/cinder-volume.yaml patch | blob | history
docker/services/nova-compute.yaml patch | blob | history

diff --git a/docker/services/cinder-volume.yaml b/docker/services/cinder-volume.yaml
index d8a93b1..46873ea 100644 (file)
--- a/docker/services/cinder-volume.yaml
+++ b/docker/services/cinder-volume.yaml
@@ -125,6 +125,7 @@ outputs:
         step_4:
           cinder_volume:
             image: *cinder_volume_image
+            ipc: host
             net: host
             privileged: true
             restart: always
diff --git a/docker/services/nova-compute.yaml b/docker/services/nova-compute.yaml
index 883f438..5163a38 100644 (file)
--- a/docker/services/nova-compute.yaml
+++ b/docker/services/nova-compute.yaml
@@ -115,6 +115,7 @@ outputs:
         step_4:
           nova_compute:
             image: &nova_compute_image {get_param: DockerNovaComputeImage}
+            ipc: host
             net: host
             privileged: true
             user: nova