RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2024-12-22 19:34:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

systemd: autogenerate ceph-mgr key during daemon startup

Browse Source 
This is a hack to inject a key for the mgr daemon, using whatever
key already exists on the mon on this node to gain sufficient
permissions to create the mgr key.  Failure is ignored at every
step (the '-' prefix) in case someone has already used some other
trick to set everything up manually.

Signed-off-by: Tim Serong <tserong@suse.com>
This commit is contained in:
Tim Serong 2016-09-20 23:55:32 +10:00 committed by John Spray
parent 61d779345e
commit 082199f69d
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
systemd/ceph-mgr@.service
View File

@ -9,6 +9,15 @@ LimitNOFILE=1048576
LimitNPROC=1048576
EnvironmentFile=-/etc/sysconfig/ceph
Environment=CLUSTER=ceph
# This ExecStartPre business is a hack to inject a key for the mgr daemon,
# using whatever key already exists on the mon on this node to gain sufficient
# permissions to create the mgr key. Failure is ignored at every step (the
# '-' prefix) in case someone has already used some other trick to set
# everything up manually.
ExecStartPre=-/usr/bin/mkdir -p /var/lib/ceph/mgr/${CLUSTER}-%i
ExecStartPre=-/usr/bin/sh -c "[ -f /var/lib/ceph/mgr/${CLUSTER}-%i/keyring ] || /usr/bin/ceph-authtool --create-keyring --gen-key --name=mgr.%i /var/lib/ceph/mgr/${CLUSTER}-%i/keyring"
ExecStartPre=-/usr/bin/chown -R ceph.ceph /var/lib/ceph/mgr/${CLUSTER}-%i
ExecStartPre=-/usr/bin/ceph -i /var/lib/ceph/mgr/${CLUSTER}-%i/keyring auth add mgr.%i mon 'allow *' --keyring=/var/lib/ceph/mon/${CLUSTER}-%i/keyring --name=mon.
ExecStart=/usr/bin/ceph-mgr -f --cluster ${CLUSTER} --id %i --setuser ceph --setgroup ceph
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure