Project

General

Profile

Bug #14267

ceph-post-file doesn't work

Added by Sage Weil over 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Category:
-
Target version:
-
Start date:
01/06/2016
Due date:
% Done:

30%

Source:
other
Tags:
Backport:
jewel
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:

Description

drop.ceph.com needs to accept sftp and be able to write to the lab cluster (/ceph/post)

user exists.

i think it just needs a symlink in the home dir from post -> /ceph/post


Related issues

Copied to Ceph - Backport #17787: jewel: ceph-post-file doesn't work Resolved

History

#1 Updated by David Galloway over 3 years ago

  • Category set to DC ops
  • Status changed from New to In Progress
  • Assignee set to David Galloway
  • % Done changed from 0 to 30

A temporary solution is in place (gitbuilder-archive has VPN tunnel to the lab with long running cluster mounted) but we aim to move the service to a dedicated host as a permanent solution.

#2 Updated by David Galloway over 3 years ago

  • Priority changed from Urgent to Normal

#3 Updated by David Galloway over 3 years ago

  • Category changed from DC ops to Infrastructure Hardware

#4 Updated by David Galloway over 3 years ago

  • Category changed from Infrastructure Hardware to Infrastructure Service

Will move to physical host with public IP and access to LRC

#5 Updated by David Galloway almost 3 years ago

Filed PR to get ceph-post-file switched to RSA key. RSA pubkey has been put in authorized_keys on gitbuilder-archive and on new drop.ceph.com VM.

https://github.com/ceph/ceph/pull/10800

Still need to get public IP assigned and DNS switched over.

#6 Updated by David Galloway almost 3 years ago

  • Status changed from In Progress to Resolved

Service moved to new VM with ifaces on front VLAN (drop.front.sepia.ceph.com) and WAN (drop.ceph.com).

Tested and working!

$ ./ceph-post-file.in /tmp/dgalloway-new 
args: -- /tmp/dgalloway-new
./ceph-post-file.in: upload tag 1a8b5a81-5e1a-48bc-bf42-69fc236f89d0
./ceph-post-file.in: user: dgalloway@w541
./ceph-post-file.in: will upload file /tmp/dgalloway-new
sftp> mkdir post/1a8b5a81-5e1a-48bc-bf42-69fc236f89d0_dgalloway@w541_746ae882-235f-42a7-97b0-6c165fc36b38
sftp> cd post/1a8b5a81-5e1a-48bc-bf42-69fc236f89d0_dgalloway@w541_746ae882-235f-42a7-97b0-6c165fc36b38
sftp> put /tmp/tmp.vmBpn5LMIA user
sftp> put /tmp/dgalloway-new
./ceph-post-file.in: copy the upload id below to share with a dev:

ceph-post-file: 1a8b5a81-5e1a-48bc-bf42-69fc236f89d0

(tmp file deleted)

#7 Updated by Ken Dreyer almost 3 years ago

Does this need to get backported to the stable branches? When will the old keys stop working?

#8 Updated by David Galloway almost 3 years ago

Ken Dreyer wrote:

Does this need to get backported to the stable branches? When will the old keys stop working?

The old key will already not work if coming from a workstation running OpenSSH 7.0+ (unless the user modifies their local ssh config).

From the server-side perspective, I have the new drop.ceph.com VM set up to allow the DSA key for auth and don't see an immediate need to disable it any time soon.

#9 Updated by Loic Dachary over 2 years ago

  • Status changed from Resolved to Pending Backport
  • Backport set to jewel

#10 Updated by Loic Dachary over 2 years ago

  • Project changed from sepia to Ceph
  • Category deleted (Infrastructure Service)

#11 Updated by Loic Dachary over 2 years ago

#12 Updated by Loic Dachary over 2 years ago

  • Status changed from Pending Backport to Resolved

Also available in: Atom PDF