Feature #4366
ceph-deploy: create config push option
0%
Description
Neil needs to fill in more specific requirements here, but for a starting point, something like:
"ceph-deploy rbd-client <host> <client-name> <pool-images-are-in>"
to get-or-create a client key with <client-name> that has the permissions it needs to access RBD images in the pool <pool-images-are-in>.
History
#1 Updated by Greg Farnum almost 8 years ago
The ceph-deploy admin command sets up a host with admin keys, so it has full permissions on the cluster. Presumably you'll want to generate clients with more limited keys. I suppose perhaps we could add functionality to create reasonable-default RGW or RBD keys.
#2 Updated by Neil Levine almost 8 years ago
Got it. so, yeah an alternative client switch which only installs limited keys would be very useful.
I'll create a separate ticket for the localhost logic.
#3 Updated by Neil Levine almost 8 years ago
- Status changed from New to 12
#4 Updated by Greg Farnum almost 8 years ago
- Subject changed from ceph-deploy: change 'admin' switch to 'client'? to ceph-deploy: create and deploy client keys with reasonable permissions
- Description updated (diff)
#5 Updated by Neil Levine almost 8 years ago
Sage was less in favour of having ceph-deploy handle creation and key deployment, which I think I now agree with. However, we did discuss having a 'config push' option which could deploy a new ceph.conf to the cluster and could be used with clients too.
This is actually quite important as after the graceful copy of the initial ceph.conf to the mon/osd nodes, you are back to manual scp'ing ceph.conf every time you change it.
#6 Updated by Neil Levine almost 8 years ago
- Subject changed from ceph-deploy: create and deploy client keys with reasonable permissions to ceph-deploy: create config push option
#7 Updated by Sage Weil almost 8 years ago
- Target version set to v0.60
#8 Updated by Sage Weil almost 8 years ago
- Status changed from 12 to Resolved