Bug #4756
closed
mkcephfs doesn't set up same keys as ceph-deploy
Added by Greg Farnum about 11 years ago.
Updated about 11 years ago.
Description
Notably, "mon." doesn't get any permissions associated with it, which can also lead to the problems in #4752. Until we officially deprecate mkcephfs it needs to support all the stuff we package.
I'll update mkcephfs to do this to ease future users' transition to ceph-deploy.
For existing clusters, the transition path is probably to document adding the line manually? Or make ceph-create-keys add it?
Well ceph-create-keys isn't able to add it because it needs those keys, right? ;)
I think a transition document is probably appropriate, or possibly a nicely packaged one-off script they can run.
wip-4756 tested out ok, commit:12bc9a7aa9cb2f47c952dee9abb210dc4eacf470
- Status changed from New to 12
- Assignee set to John Wilkins
The transition doc should be something like 'transitioning an existing cluster from mkcephfs to ceph-deploy', and the key step is to add the line
caps mon = "allow *"
to /var/lib/ceph/mon/ceph-$id/keyring
so that it looks something like
[mon.]
key = AQBJIHhRuHCwDRAAZjBTSJcIBIoGpdOR9ToiyQ==
caps mon = "allow *"
also the mon and osd data directories need to be /var/lib/ceph/osd/ceph-$id and /var/lib/ceph/mon/ceph-$id with keyrings in the 'keyring' file in those dirs.
- Status changed from 12 to In Progress
- Status changed from In Progress to Resolved
Also available in: Atom
PDF