Project

General

Profile

Actions
Copy link

Feature #62856

open

cephfs: persist an audit log in CephFS

Added by Patrick Donnelly 8 months ago. Updated 7 months ago.

Status:
New
Priority:
High
Assignee:
-
Category:
-
Target version:
Ceph - v19.0.0
% Done:

0%

Source:
Development
Tags:
Backport:
reef,quincy
Reviewed:
Affected Versions:
Component(FS):
tools
Labels (FS):
task(easy), task(intern)
Pull request ID:

Description

... for quickly learning what disaster tools and commands have been run on the file system.

Too often we see a cluster which is "broken" but it's not clear what may have been done to get it to that state. We have suspicions but asking a group of folks cooperatively maintaining the cluster may yield incomplete answers. So, it'd be very helpful if we could consult a persistent log which records all recovery actions taken on the cluster.

I think this log, to start, would simply record what commands (e.g. cephfs-journal-tool ...) have been run. We can modify these tools to record that information.

The trivial way to do this would be to link these tools to libcephsqlite where a database would be stored in the metadata pool. That database can then be pulled down when collecting data from the cluster and analyzed locally by developers.

Related issues 1 (1 open0 closed)

Blocked by mgr - Feature #62884: audit: create audit module which persists in RADOS important operations performed on the clusterNew

Actions
Actions
Copy link
 #1

Updated by Patrick Donnelly 7 months ago

  • Blocked by Feature #62884: audit: create audit module which persists in RADOS important operations performed on the cluster added
Actions
Copy link
 #2

Updated by Patrick Donnelly 7 months ago

We discussed this in standup today. We are now considering a design with a new "audit" module in the ceph-mgr.

Actions
Copy link

Also available in: Atom PDF