Unable to create encrypted volumes with barbican key manager when not using the admin usesr
Issue
- We are unable to creat encrypted volumes with barbican key manager when not using the admin usesr as we get the following error in
/var/log/containers/cinder/cinder-volume.log:
2022-09-30 20:47:49.697 18 ERROR cinder.volume.utils
Flow 'volume_create_api': Invalid: Key manager error
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api Traceback (most recent call last):
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/taskflow/engines/action_engine/executor.py", line 53, in _execute_task
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api result = task.execute(**arguments)
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/flows/api/create_volume.py", line 467, in execute
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api image_meta)
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/flows/api/create_volume.py", line 402, in _get_encryption_key_id
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api volume_type_id)
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/utils.py", line 909, in create_encryption_key
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api raise exception.Invalid(message="Key manager error")
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api Invalid: Key manager error
2022-09-30 20:47:49.699 18 ERROR cinder.volume.api
2022-09-30 20:48:04.573 22 ERROR castellan.key_manager.barbican_key_manager [req-c9dd538e-4190-4dd6-9a95-b6c539671deb 92118a6f413283c79b3693db209f10ea67ac1e6a95ca5a6780648c073c65ce5c 03ff0fe57cf54e10885be8ff9c751312 - 1b4a0a1e97ee4990af8d9d1bd2b6f949 1b4a0a1e97ee4990af8d9d1bd2b6f949] Order is in ERROR status - status code: 500, status reason: Process TypeOrder failure seen - please contact site administrator.
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils [req-c9dd538e-4190-4dd6-9a95-b6c539671deb 92118a6f413283c79b3693db209f10ea67ac1e6a95ca5a6780648c073c65ce5c 03ff0fe57cf54e10885be8ff9c751312 - 1b4a0a1e97ee4990af8d9d1bd2b6f949 1b4a0a1e97ee4990af8d9d1bd2b6f949] Key manager error: KeyManagerError: Key manager error: Order is in ERROR status - status code: 500, status reason: Process TypeOrder failure seen - please contact site administrator.
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils Traceback (most recent call last):
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils File "/usr/lib/python2.7/site-packages/cinder/volume/utils.py", line 903, in create_encryption_key
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils length=length)
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils File "/usr/lib/python2.7/site-packages/castellan/key_manager/barbican_key_manager.py", line 238, in create_key
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils order = self._get_active_order(barbican_client, order_ref)
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils File "/usr/lib/python2.7/site-packages/castellan/key_manager/barbican_key_manager.py", line 397, in _get_active_order
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils raise exception.KeyManagerError(reason=msg)
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils KeyManagerError: Key manager error: Order is in ERROR status - status code: 500, status reason: Process TypeOrder failure seen - please contact site administrator.
2022-09-30 20:48:04.574 22 ERROR cinder.volume.utils
Flow 'volume_create_api': Invalid: Key manager error
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api Traceback (most recent call last):
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/taskflow/engines/action_engine/executor.py", line 53, in _execute_task
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api result = task.execute(**arguments)
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/flows/api/create_volume.py", line 467, in execute
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api image_meta)
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/flows/api/create_volume.py", line 402, in _get_encryption_key_id
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api volume_type_id)
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api File "/usr/lib/python2.7/site-packages/cinder/volume/utils.py", line 909, in create_encryption_key
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api raise exception.Invalid(message="Key manager error")
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api Invalid: Key manager error
2022-09-30 20:48:04.576 22 ERROR cinder.volume.api
Environment
- Red Hat OpenStack Platform 13.0 (RHOSP)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
