Feature #4366
closedceph-deploy: create config push option
0%
Description
Neil needs to fill in more specific requirements here, but for a starting point, something like:
"ceph-deploy rbd-client <host> <client-name> <pool-images-are-in>"
to get-or-create a client key with <client-name> that has the permissions it needs to access RBD images in the pool <pool-images-are-in>.
Updated by Greg Farnum about 11 years ago
The ceph-deploy admin command sets up a host with admin keys, so it has full permissions on the cluster. Presumably you'll want to generate clients with more limited keys. I suppose perhaps we could add functionality to create reasonable-default RGW or RBD keys.
Updated by Neil Levine about 11 years ago
Got it. so, yeah an alternative client switch which only installs limited keys would be very useful.
I'll create a separate ticket for the localhost logic.
Updated by Greg Farnum about 11 years ago
- Subject changed from ceph-deploy: change 'admin' switch to 'client'? to ceph-deploy: create and deploy client keys with reasonable permissions
- Description updated (diff)
Updated by Neil Levine about 11 years ago
Sage was less in favour of having ceph-deploy handle creation and key deployment, which I think I now agree with. However, we did discuss having a 'config push' option which could deploy a new ceph.conf to the cluster and could be used with clients too.
This is actually quite important as after the graceful copy of the initial ceph.conf to the mon/osd nodes, you are back to manual scp'ing ceph.conf every time you change it.
Updated by Neil Levine about 11 years ago
- Subject changed from ceph-deploy: create and deploy client keys with reasonable permissions to ceph-deploy: create config push option