mirror of
https://github.com/ceph/ceph
synced 2025-02-23 11:07:35 +00:00
osd: add --mkkey mkfs option
Optionally generate a new key as part of the mkfs step. This makes life a bit easier for the admin. Signed-off-by: Sage Weil <sage.weil@dreamhost.com>
This commit is contained in:
Sage Weil
parent
8ad346a3a9
commit
bfca7ac58b
20
src/cosd.cc
20
src/cosd.cc
@ -63,6 +63,7 @@ int main(int argc, const char **argv)
|
||||
// osd specific args
|
||||
bool mkfs = false;
|
||||
bool mkjournal = false;
|
||||
bool mkkey = false;
|
||||
bool flushjournal = false;
|
||||
char *dump_pg_log = 0;
|
||||
FOR_EACH_ARG(args) {
|
||||
@ -70,6 +71,8 @@ int main(int argc, const char **argv)
|
||||
mkfs = true;
|
||||
} else if (CEPH_ARGPARSE_EQ("mkjournal", '\0')) {
|
||||
mkjournal = true;
|
||||
} else if (CEPH_ARGPARSE_EQ("mkkey", '\0')) {
|
||||
mkkey = true;
|
||||
} else if (CEPH_ARGPARSE_EQ("flush-journal", '\0')) {
|
||||
flushjournal = true;
|
||||
} else if (CEPH_ARGPARSE_EQ("dump-pg-log", '\0')) {
|
||||
@ -140,8 +143,23 @@ int main(int argc, const char **argv)
|
||||
if (!g_conf.osd_journal.empty())
|
||||
*_dout << " journal " << g_conf.osd_journal;
|
||||
*_dout << " for osd" << whoami << " fsid " << mc.monmap.fsid << dendl;
|
||||
exit(0);
|
||||
}
|
||||
if (mkkey) {
|
||||
EntityName ename(g_conf.name);
|
||||
EntityAuth eauth;
|
||||
eauth.key.create(CEPH_CRYPTO_AES);
|
||||
g_keyring.add(ename, eauth);
|
||||
bufferlist bl;
|
||||
::encode(g_keyring, bl);
|
||||
int r = bl.write_file(g_conf.keyring.c_str(), 0600);
|
||||
if (r)
|
||||
derr << TEXT_RED << " ** ERROR: writing new keyring to " << g_conf.keyring
|
||||
<< ": " << cpp_strerror(r) << TEXT_NORMAL << dendl;
|
||||
else
|
||||
derr << "created new key in keyring " << g_conf.keyring << dendl;
|
||||
}
|
||||
if (mkfs || mkkey)
|
||||
exit(0);
|
||||
if (mkjournal) {
|
||||
int err = OSD::mkjournal(g_conf.osd_data, g_conf.osd_journal);
|
||||
if (err < 0) {
|
||||
|
||||
@ -581,6 +581,11 @@ bool AuthMonitor::prepare_command(MMonCommand *m)
|
||||
goto done;
|
||||
}
|
||||
auth_inc.op = KeyServerData::AUTH_INC_ADD;
|
||||
|
||||
// suck in any caps too
|
||||
for (unsigned i=3; i+1<m->cmd.size(); i += 2)
|
||||
::encode(m->cmd[i+1], auth_inc.auth.caps[m->cmd[i]]);
|
||||
|
||||
dout(10) << " importing " << auth_inc.name << " " << auth_inc.auth << dendl;
|
||||
push_cephx_inc(auth_inc);
|
||||
|
||||
@ -604,7 +609,7 @@ bool AuthMonitor::prepare_command(MMonCommand *m)
|
||||
mon->key_server.get_auth(auth_inc.name, auth_inc.auth);
|
||||
|
||||
map<string,bufferlist> newcaps;
|
||||
for (unsigned i=3; i+1<m->cmd.size(); i++)
|
||||
for (unsigned i=3; i+1<m->cmd.size(); i += 2)
|
||||
::encode(m->cmd[i+1], newcaps[m->cmd[i]]);
|
||||
|
||||
auth_inc.op = KeyServerData::AUTH_INC_ADD;
|
||||
|
||||
@ -367,18 +367,14 @@ EOF
|
||||
EOF
|
||||
fi
|
||||
echo mkfs osd$osd
|
||||
cmd="$SUDO $CEPH_BIN/cosd -i $osd $ARGS --mkfs"
|
||||
cmd="$SUDO $CEPH_BIN/cosd -i $osd $ARGS --mkfs --mkkey"
|
||||
echo $cmd
|
||||
$cmd
|
||||
|
||||
if [ "$cephx" -eq 1 ]; then
|
||||
key_fn=dev/osd$osd/keyring
|
||||
$SUDO $CEPH_BIN/cauthtool --create-keyring --gen-key --name=osd.$osd \
|
||||
--cap mon 'allow *' \
|
||||
--cap osd 'allow *' \
|
||||
$key_fn
|
||||
echo adding osd$osd key to auth repository
|
||||
$SUDO $CEPH_ADM -i $key_fn auth add osd.$osd
|
||||
$SUDO $CEPH_ADM -i $key_fn auth add osd.$osd osd "allow *" mon "allow rwx"
|
||||
fi
|
||||
fi
|
||||
echo start osd$osd
|
||||
|
||||
Loading…
Reference in New Issue
Block a user