Project

General

Profile

Actions

Bug #53762

open

Problem with cephfs-mirror and cephadm / ceph orch

Added by Manuel Holtgrewe over 2 years ago. Updated almost 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

After setting up cephfs mirroring and <tt>ceph orch apply cephfs-mirror</tt>, the mirroring daemon complains

2022-01-04T09:34:16.148+0000 7f39db6ac700 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.NAME.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin,: (2) No such file or directory

There is no (documented) way that I found to hand in the keyring to the cephfs-mirror daemon when running inside of Docker. The only way appears to be to use a custom container service (https://docs.ceph.com/en/latest/cephadm/services/custom-container/) and there is no guidance how to fill that out for the cephfs-mirror.

Actions #1

Updated by Venky Shankar over 2 years ago

Hey Manuel,

Did you bootstrap the remote peer using the "bootstrap create" and "bootstrap import" commands? The remote peer' user and key should get stored in monitor config store.

Also, note that, bootstrapping a peer is the recommended way to add a peer.

Actions #2

Updated by Manuel Holtgrewe over 2 years ago

Hello. Yes, I can confirm that I used this bootstrapping.

Actions #3

Updated by Sebastian Wagner over 2 years ago

  • Project changed from Ceph to Orchestrator
Actions #4

Updated by Sebastian Wagner about 2 years ago

you really should not try to deploy physical keys within the containers. The only sane way is to have those keys accessible directly via the MONs (config, config-key etc)

Actions #5

Updated by Manuel Holtgrewe almost 2 years ago

Sebastian Wagner wrote:

you really should not try to deploy physical keys within the containers. The only sane way is to have those keys accessible directly via the MONs (config, config-key etc)

I agree. But what options do I have when using cephadm? I was unable to make it work by the manual.

Actions #6

Updated by Redouane Kachach Elhichou almost 2 years ago

This new functionality may help (once merged) to add any custom file to your container: https://github.com/ceph/ceph/pull/46883

Actions

Also available in: Atom PDF