When encrypted_data_bags is enabled, it is necessary to inject the OSD
secret into the monitor keyring used to create the cluster. If that
isn't done, by the time the OSD recipe tries to use the OSD secret as
client.bootstrap-osd, Ceph will have generated a random key (and it
won't match the key from the encrypted data bag).
When encrypted_data_bags is enabled, it is necessary to inject the OSD secret into the monitor keyring used to create the cluster. If that isn't done, by the time the OSD recipe tries to use the OSD secret as client.bootstrap-osd, Ceph will have generated a random key (and it won't match the key from the encrypted data bag).