Project

General

Profile

Actions
Copy link

Bug #16755

closed

ceph-disk: encryption assumes admin key is present

Added by Chris Holcombe over 7 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Chris Holcombe
Category:
-
Target version:
-
% Done:

20%

Source:
Community (dev)
Tags:
Backport:
Regression:
No
Severity:
2 - major
Reviewed:
Affected Versions:
v10.2.0, v10.2.1, v10.2.2, v10.2.3
ceph-qa-suite:
ceph-disk
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

When testing the ceph-disk in jewel new behavior was noticed where it assumes an admin key is present on all the osd servers. When Ceph is deployed with juju we by default do not include the admin key on the osd servers. We only include a bootstrap key. I'm working on creating a small patch for ceph-disk where it has an --id option for ceph-disk prepare so that the create_key function can do the initial config-key put. I'd like to have a key on the osd cluster that only allows config-key put for this initial setup operation and tell ceph-disk to use that.

Related issues 1 (0 open1 closed)

Is duplicate of Ceph - Bug #17849: ceph-disk --dmcrypt create must not require admin keyResolvedLoïc Dachary11/09/2016

Actions
Actions
Copy link
 #2

Updated by Ken Dreyer over 7 years ago

I noticed a somewhat-related ticket today: #17849

Actions
Copy link
 #3

Updated by Loïc Dachary over 7 years ago

  • Is duplicate of Bug #17849: ceph-disk --dmcrypt create must not require admin key added
Actions
Copy link
 #4

Updated by Nathan Cutler about 7 years ago

  • Status changed from New to Resolved
Actions
Copy link

Also available in: Atom PDF