Project

General

Profile

Bug #4752

ceph-create-keys doesn't work on upgraded clusters

Added by Greg Farnum almost 7 years ago. Updated almost 7 years ago.

Status:
Resolved
Priority:
Urgent
Assignee:
-
Category:
ceph-deploy
Target version:
% Done:

0%

Source:
Development
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature:

Description

ceph-create-keys requires the "mon." key to have permission to do things to the monitors. Apparently older deployments leave mon. blank, while new ones give it these permissions.
Unfortunately, that means an upgrade from bobtail to cuttlefish leaves ceph-create-keys trying to run, and failing each time. I believe it loops attempting to succeed, which means unending spam to the monitor logs, as well as processes that never go away (which pile up if you restart your monitors, for instance).

I'm setting this to Urgent since we've seen several reports from early upgraders and I think it's going to hit everybody who does so.

History

#1 Updated by Sage Weil almost 7 years ago

oops, i dropped this ball.

ceph command was update dto return the error code, so it just need sto check if $! is EACCES/EPERM vs something else and exit gracefully instead of looping.

#2 Updated by Dan Mick almost 7 years ago

Ah. Well that seems easy enough.

#3 Updated by Ian Colle almost 7 years ago

  • Priority changed from Normal to Urgent

#4 Updated by Anonymous almost 7 years ago

  • Status changed from New to In Progress

#5 Updated by Dan Mick almost 7 years ago

ceph CLI currently fails in ceph_tool_common_init and doesn't pass back a failure code that can be interpreted, so return is always 1. That'll need fixing.

#6 Updated by Anonymous almost 7 years ago

  • Status changed from In Progress to Resolved

Further update from Dan indicated that EACCES was returned on authentication error after all. I tested the changes by stopping the monitor, setting the keyring cap filed to blank and restarting. Ceph-disk-create exited with error message.

Resolved with the following commit to next branch:

commit 1a8b30eff1c7336607872eb41113539ff8817a01
Author: Gary Lowell <>
Date: Fri Apr 19 11:19:05 2013 -0700

ceph-create-keys:  Don't wait if permission denied
If get or create keys returns permssion denied, exit
gracefully instead of retrying.
Signed-off-by: Gary Lowell  &lt;&gt;
Reviewed-by: Sage Weil &lt;&gt;

Also available in: Atom PDF