Project

General

Profile

Support #23401

rbd mirror lead to a potential risk that primary image can be remove from a remote cluster

Added by liuzhong chen about 3 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
% Done:

0%

Tags:
Reviewed:
Affected Versions:
Pull request ID:

Description

when we use rbd mirror we must get class-write authority. But if we get this authority we can remove primary rbd image form remote cluster which is a potential risk.
I want to ask is there is any method to avoid this problem now.
my ceph version is : ceph 12.2.2

History

#1 Updated by Jason Dillaman about 3 years ago

  • Status changed from New to Closed

It's not possible since the remote rbd-mirror daemon needs to be able to (1) register with the journal and (2) create/delete snapshots for image syncing.

#2 Updated by liuzhong chen about 3 years ago

understand,thank you very much

Also available in: Atom PDF