Bug #4756
closedmkcephfs doesn't set up same keys as ceph-deploy
0%
Description
Notably, "mon." doesn't get any permissions associated with it, which can also lead to the problems in #4752. Until we officially deprecate mkcephfs it needs to support all the stuff we package.
Updated by Sage Weil about 11 years ago
I'll update mkcephfs to do this to ease future users' transition to ceph-deploy.
For existing clusters, the transition path is probably to document adding the line manually? Or make ceph-create-keys add it?
Updated by Greg Farnum about 11 years ago
Well ceph-create-keys isn't able to add it because it needs those keys, right? ;)
I think a transition document is probably appropriate, or possibly a nicely packaged one-off script they can run.
Updated by Sage Weil about 11 years ago
wip-4756 tested out ok, commit:12bc9a7aa9cb2f47c952dee9abb210dc4eacf470
Updated by Sage Weil about 11 years ago
- Status changed from New to 12
- Assignee set to John Wilkins
The transition doc should be something like 'transitioning an existing cluster from mkcephfs to ceph-deploy', and the key step is to add the line
caps mon = "allow *"
to /var/lib/ceph/mon/ceph-$id/keyring
so that it looks something like
[mon.] key = AQBJIHhRuHCwDRAAZjBTSJcIBIoGpdOR9ToiyQ== caps mon = "allow *"
also the mon and osd data directories need to be /var/lib/ceph/osd/ceph-$id and /var/lib/ceph/mon/ceph-$id with keyrings in the 'keyring' file in those dirs.
Updated by John Wilkins almost 11 years ago
- Status changed from 12 to In Progress
Updated by John Wilkins almost 11 years ago
- Status changed from In Progress to Resolved