Fix nova-libvirt's secrets - device or resource is busy

This patch removes the nova_libvirt_secret container volume because it is a complete antipattern, and during testing, I found that it causes problems. When it was necessary to copy libvirt secrets from /etc/kolla/nova-libvirt/secrets, the container logs reported that the resource is busy - precisely because it was a mounted container volume. This, of course, is unnecessary because the secrets are copied to the kolla host in /etc/kolla/nova-libvirt/secrets. Closes-Bug: #2073678 Change-Id: I715a6a95f9d32d62a8199727ddbaddd0dd7baa2d
2024-07-20 14:04:00 +02:00 · 2024-07-20 14:04:00 +02:00 · 82a642ed8b
commit 82a642ed8b
parent 2fc15e6c82
5 changed files with 17 additions and 1 deletions
--- a/ansible/roles/nova-cell/defaults/main.yml
+++ b/ansible/roles/nova-cell/defaults/main.yml
@ -380,7 +380,6 @@ nova_libvirt_default_volumes:
  - "{{ nova_instance_datadir_volume }}:/var/lib/nova/"
  - "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
  - "nova_libvirt_qemu:/etc/libvirt/qemu"
-  - "nova_libvirt_secrets:/etc/libvirt/secrets"
  - "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
 nova_ssh_default_volumes:
  - "{{ node_config_directory }}/nova-ssh/:{{ container_config_directory }}/:ro"
--- a/ansible/roles/nova-cell/tasks/deploy.yml
+++ b/ansible/roles/nova-cell/tasks/deploy.yml
@ -35,3 +35,5 @@
    # and there is a cell conductor in the inventory to delegate to.
    - all_computes_in_batch | length > 0
    - groups[nova_cell_conductor_group] | length > 0
+
+- import_tasks: post-config.yml
--- a/ansible/roles/nova-cell/tasks/post-config.yml
+++ b/ansible/roles/nova-cell/tasks/post-config.yml
@ -0,0 +1,8 @@
+---
+# TODO(kevko) Remove in E cycle
+- name: Remove old nova_libvirt_secrets container volume
+  become: true
+  kolla_container:
+    container_engine: "{{ kolla_container_engine }}"
+    action: "remove_volume"
+    name: nova_libvirt_secrets
--- a/ansible/roles/nova-cell/tasks/rolling_upgrade.yml
+++ b/ansible/roles/nova-cell/tasks/rolling_upgrade.yml
@ -14,3 +14,5 @@

 - name: Flush handlers
  meta: flush_handlers
+
+- import_tasks: post-config.yml
--- a/releasenotes/notes/bug-2073678-45f31547395ef3c7.yaml
+++ b/releasenotes/notes/bug-2073678-45f31547395ef3c7.yaml
@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Fixes busy libvirt's secret volume while secrets are changing.
+    `LP#2073678 <https://launchpad.net/bugs/2073678>`__