Project

General

Profile

Bug #2532

rbd command allows passing in -K </path/to/secret>, but long version of (--secret) does not work

Added by Sam Zaydel over 11 years ago. Updated about 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Target version:
-
% Done:

0%

Source:
Development
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

While rolling back a snapshot I succeed when I pass in `-K with location of key file, but it looks like I fail when I attempt to use `--secret /path/to/secret` or `--secret=/path/to/secret`.

# rbd --name=client.admin -K ./secret.key --pool lab8_pool_a snap rollback --snap=lab8-001-20120607-001 lab8-001
Rolling back to snapshot: 100% complete...done.

# rbd --name=client.admin --secret ./secret.key --pool lab8_pool_a snap rollback --snap=lab8-001-20120607-001 lab8-001
2012-06-08 05:37:54.073360 7ff75be00780 -1 auth: failed to open keyring from /etc/ceph/ceph.client.admin.keyring
2012-06-08 05:37:54.073382 7ff75be00780 -1 monclient(hunting): failed to open keyring: (2) No such file or directory
2012-06-08 05:37:54.073418 7ff75be00780  0 librados: client.admin initialization error (2) No such file or directory
error: couldn't connect to the cluster!

# rbd --name=client.admin --secret=./secret.key --pool lab8_pool_a snap rollback --snap=lab8-001-20120607-001 lab8-001
2012-06-08 05:38:01.521293 7fb9a85fa780 -1 auth: failed to open keyring from /etc/ceph/ceph.client.admin.keyring
2012-06-08 05:38:01.521326 7fb9a85fa780 -1 monclient(hunting): failed to open keyring: (2) No such file or directory
2012-06-08 05:38:01.521359 7fb9a85fa780  0 librados: client.admin initialization error (2) No such file or directory
error: couldn't connect to the cluster!

It appears that the map operation is the other way around, where `--secret` does work, while the `-K` does not.

rbd --name=client.admin --pool lab8_pool_a  --snap=lab8-001-20120607-001 -K ./secret.key map lab8-001; echo $?
add failed: (22) Invalid argument
1

rbd --name=client.admin --pool lab8_pool_a  --snap=lab8-001-20120607-001 --secret ./secret.key map lab8-001; echo $?
0

# rbd --name=client.admin --pool lab8_pool_a  --snap=lab8-001-20120607-001 --secret=./secret.key map lab8-001; echo $?
0

History

#1 Updated by Sage Weil over 11 years ago

the option is --keyfile <file>... where did you see --secret <file> documented?

#2 Updated by Sam Zaydel over 11 years ago

This is part of the rbd cmd helper message. It seems that for the map command one uses --secret.

For the map command:
  --user <username>            rados user to authenticate as
  --secret <path>              file containing secret key for use with cephx

#3 Updated by Sam Zaydel over 11 years ago

When I try to use --keyfile=<file> with map, it seemingly fails, but using --secret=<file> succeeds.

# sudo rbd --id client.admin --pool lab8_pool_a  --keyfile=./secret.key map lab8-001; echo $?
add failed: (22) Invalid argument
1

# sudo rbd --id client.admin --pool lab8_pool_a  --secret=./secret.key map lab8-001; echo $?
0

#4 Updated by Sage Weil over 11 years ago

Oh, i see.

I think the right fix is to make '--secret' and synonym for '--keyfile', and fix up rbd to use the config-parsed value. There are already users of --secret and (possibly) --keyfile both.

#5 Updated by Sam Zaydel over 11 years ago

That's probably best. It is always easier though when all subcommands under the main command, rbd in this case used one argument name. I think consistency between cli tools is also key, so perhaps that should drive whether or not one or both of these options are used as synonyms of each other.

#6 Updated by Sage Weil about 11 years ago

  • Project changed from Ceph to rbd

#7 Updated by Sage Weil about 11 years ago

  • Status changed from New to Resolved

Also available in: Atom PDF