wrsadmin@pek-studio-1:~/openstack/keystone$ juju show-unit -m openstack keystone/0
keystone/0:
opened-ports: []
charm: ch:amd64/jammy/keystone-k8s-148
leader: true
life: alive
relation-info:
- relation-id: 60
endpoint: peers
related-endpoint: peers
application-data:
credential-keys-secret-id: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn9hralcnms6iig40
credentials__charm-keystone-admin: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn8hralcnms6iig30
credentials_admin: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosnd9ralcnms6iig4g
credentials_horizon: secret://28a63850-0466-4758-8db3-359ccfe49820/cmoso99ralcnms6iig7g
credentials_openstack-hypervisor: secret://28a63850-0466-4758-8db3-359ccfe49820/cmotah1ralcnms6iig8g
credentials_svc_cinder: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosnjhralcnms6iig50
credentials_svc_glance: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosnq1ralcnms6iig5g
credentials_svc_neutron: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosnu1ralcnms6iig60
credentials_svc_nova: secret://28a63850-0466-4758-8db3-359ccfe49820/cmoso69ralcnms6iig70
credentials_svc_placement: secret://28a63850-0466-4758-8db3-359ccfe49820/cmoso29ralcnms6iig6g
fernet-secret-id: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn9hralcnms6iig3g
leader_ready: "true"
old_service_users: '[]'
...
For the last secret “fernet-secret-id: secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn9hralcnms6iig3g”, which is deleted accidentally by my colleague.
Is there a way to unset the “fernet-secret-id” to get keystone to recreate a new fernet secret?
For now, it reports an error:
[container-agent] 2024-02-29 00:17:17 INFO juju.worker.uniter.operation runhook.go:186 ran "start" hook (via hook dispatching script: dispatch)
[container-agent] 2024-02-29 00:17:18 INFO juju-log Entering guarded section: 'Bootstrapping'
[container-agent] 2024-02-29 00:17:19 WARNING juju-log Not running db-sync, it has run previously for this unit
[container-agent] 2024-02-29 00:17:19 ERROR juju-log Exception raised in section 'Bootstrapping':
[container-agent] 2024-02-29 00:17:19 ERROR juju-log Traceback (most recent call last):
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops/model.py", line 2946, in _run
[container-agent] result = subprocess.run(args, **kwargs) # type: ignore
[container-agent] File "/usr/lib/python3.10/subprocess.py", line 526, in run
[container-agent] raise CalledProcessError(retcode, process.args,
[container-agent] subprocess.CalledProcessError: Command '('/var/lib/juju/tools/unit-keystone-0/secret-get', 'secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn9hralcnms6iig3g', '--format=json')' returned non-zero exit status 1.
[container-agent]
[container-agent] The above exception was the direct cause of the following exception:
[container-agent]
[container-agent] Traceback (most recent call last):
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops/model.py", line 3302, in secret_get
[container-agent] result = self._run('secret-get', *args, return_output=True, use_json=True)
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops/model.py", line 2948, in _run
[container-agent] raise ModelError(e.stderr) from e
[container-agent] ops.model.ModelError: ERROR secret "secret://28a63850-0466-4758-8db3-359ccfe49820/cmosn9hralcnms6iig3g" not found
[container-agent]
[container-agent]
[container-agent] The above exception was the direct cause of the following exception:
[container-agent]
[container-agent] Traceback (most recent call last):
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops_sunbeam/guard.py", line 91, in guard
[container-agent] yield
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops_sunbeam/charm.py", line 291, in configure_charm
[container-agent] self.configure_unit(event)
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/./src/charm.py", line 1459, in configure_unit
[container-agent] self.update_fernet_keys_from_peer()
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/./src/charm.py", line 537, in update_fernet_keys_from_peer
[container-agent] fernet_secret = self.model.get_secret(id=fernet_secret_id)
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops/model.py", line 276, in get_secret
[container-agent] content = self._backend.secret_get(id=id, label=label)
[container-agent] File "/var/lib/juju/agents/unit-keystone-0/charm/venv/ops/model.py", line 3305, in secret_get
[container-agent] raise SecretNotFoundError() from e
[container-agent] ops.model.SecretNotFoundError
[container-agent]
[container-agent] 2024-02-29 00:17:19 INFO juju.worker.uniter.operation runhook.go:186 ran "keystone-pebble-ready" hook (via hook dispatching script: dispatch)