Project

General

Profile

Bug #21501

Updated by Ramana Raja over 1 year ago

Create a ceph auth ID with no caps,
$ sudo ceph auth get-or-create client.test2

Allow ceph_volume_client to authorize ID 'client.test2' access to a volume,
>>> import ceph_volume_client
>>> vc = ceph_volume_client.CephFSVolumeClient("manila", "/etc/ceph/ceph.conf", "ceph")
>>> vc.connect()
>>> vp = ceph_volume_client.VolumePath('group1', 'share1')
>>> vc.create_volume(vp, size=5)
{'mount_path': '/volumes/group1/share1'}
>>> vc.authorize(vp, 'test2')
Creating meta for ID test2 with tenant None
{'auth_key': None}
>>> vc.disconnect()

Check out the caps of 'client.test2' it's got invalid OSD and MDS caps, a ',' is at the beginning of the caps,
$ sudo ceph auth get client.test2
[client.test2]
key = AQD4CsVZCpBBORAAtqL6wndnhTbip9xf0NQeeQ==
caps mds = ",allow rw path=/volumes/group1/share1"
caps mon = "allow r"
caps osd = ",allow rw pool=cephfs_data namespace=fsvolumens_share1"

Back