Actions
Backport #57364
openquincy: multisite: metadata sync does not sync STS metadata (e.g., roles, policy, ...)
Release:
quincy
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Updated by Pritha Srivastava over 1 year ago
- Copied from Bug #51068: multisite: metadata sync does not sync STS metadata (e.g., roles, policy, ...) added
Updated by Pritha Srivastava over 1 year ago
- Description updated (diff)
- Status changed from New to In Progress
Updated by Yuri Weinstein about 1 year ago
Updated by Chris Durham about 1 year ago
Pritha,
I currently have a multisite configuration with two clusters, a master and a secondary site. I have developed a bunch of python that uses aws api calls to grab roles, including each role's asrd and polices, and then pushes that data to the secondary site, creating the role of the same name if required. That way, whenever I modify a role on the master site (the only site where I make modifications to roles), it gets pushed to the secondary site.
I am happy to strip this stuff out if we upgrade to a release that contains https://github.com/ceph/ceph/pull/48030, but how should I prepare my secondary cluster before I do this upgrade? Should I delete all the roles/asrd/polices on the secondary site first? Thanks!
Actions