mirror of
https://github.com/ceph/ceph
synced 2025-01-11 21:50:26 +00:00
ceph-daemon: use client.admin keyring during bootstrap
It's usually okay to use the mon. key for CLI commands, except we had a mgr but that prevented you from issuing mgr commands correctly. We have the new client.admin key available, so use that instead. Update tests to not --skip-ssh (now that it doesn't hang). Signed-off-by: Sage Weil <sage@redhat.com>
This commit is contained in:
parent
d2c66f3879
commit
df40a49eb8
@ -70,8 +70,7 @@ $SUDO $CEPH_DAEMON --image $IMAGE bootstrap \
|
|||||||
--fsid $FSID \
|
--fsid $FSID \
|
||||||
--config $ORIG_CONFIG \
|
--config $ORIG_CONFIG \
|
||||||
--output-config $CONFIG \
|
--output-config $CONFIG \
|
||||||
--output-keyring $KEYRING \
|
--output-keyring $KEYRING
|
||||||
--skip-ssh
|
|
||||||
test -e $CONFIG
|
test -e $CONFIG
|
||||||
test -e $KEYRING
|
test -e $KEYRING
|
||||||
rm -f $ORIG_CONFIG
|
rm -f $ORIG_CONFIG
|
||||||
|
@ -841,11 +841,11 @@ def command_bootstrap():
|
|||||||
% (mon_key, admin_key, mgr_id, mgr_key, hostname, crash_key))
|
% (mon_key, admin_key, mgr_id, mgr_key, hostname, crash_key))
|
||||||
|
|
||||||
# tmp keyring file
|
# tmp keyring file
|
||||||
tmp_keyring = tempfile.NamedTemporaryFile(mode='w')
|
tmp_bootstrap_keyring = tempfile.NamedTemporaryFile(mode='w')
|
||||||
os.fchmod(tmp_keyring.fileno(), 0o600)
|
os.fchmod(tmp_bootstrap_keyring.fileno(), 0o600)
|
||||||
os.fchown(tmp_keyring.fileno(), uid, gid)
|
os.fchown(tmp_bootstrap_keyring.fileno(), uid, gid)
|
||||||
tmp_keyring.write(keyring)
|
tmp_bootstrap_keyring.write(keyring)
|
||||||
tmp_keyring.flush()
|
tmp_bootstrap_keyring.flush()
|
||||||
|
|
||||||
# create initial monmap, tmp monmap file
|
# create initial monmap, tmp monmap file
|
||||||
logger.info('Creating initial monmap...')
|
logger.info('Creating initial monmap...')
|
||||||
@ -883,7 +883,7 @@ def command_bootstrap():
|
|||||||
volume_mounts={
|
volume_mounts={
|
||||||
log_dir: '/var/log/ceph:z',
|
log_dir: '/var/log/ceph:z',
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
tmp_keyring.name: '/tmp/keyring:z',
|
tmp_bootstrap_keyring.name: '/tmp/keyring:z',
|
||||||
tmp_monmap.name: '/tmp/monmap:z',
|
tmp_monmap.name: '/tmp/monmap:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
@ -896,18 +896,31 @@ def command_bootstrap():
|
|||||||
mon_c = get_container(fsid, 'mon', mon_id)
|
mon_c = get_container(fsid, 'mon', mon_id)
|
||||||
deploy_daemon_units(fsid, uid, gid, 'mon', mon_id, mon_c)
|
deploy_daemon_units(fsid, uid, gid, 'mon', mon_id, mon_c)
|
||||||
|
|
||||||
|
# client.admin key + config to issue various CLI commands
|
||||||
|
tmp_admin_keyring = tempfile.NamedTemporaryFile(mode='w')
|
||||||
|
os.fchmod(tmp_admin_keyring.fileno(), 0o600)
|
||||||
|
os.fchown(tmp_admin_keyring.fileno(), uid, gid)
|
||||||
|
tmp_admin_keyring.write('[client.admin]\n'
|
||||||
|
'\tkey = ' + admin_key + '\n')
|
||||||
|
tmp_admin_keyring.flush()
|
||||||
|
|
||||||
|
tmp_config = tempfile.NamedTemporaryFile(mode='w')
|
||||||
|
os.fchmod(tmp_config.fileno(), 0o600)
|
||||||
|
os.fchown(tmp_config.fileno(), uid, gid)
|
||||||
|
tmp_config.write(config)
|
||||||
|
tmp_config.flush()
|
||||||
|
|
||||||
logger.info('Waiting for mon to start...')
|
logger.info('Waiting for mon to start...')
|
||||||
while True:
|
while True:
|
||||||
c = CephContainer(
|
c = CephContainer(
|
||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'status'],
|
'status'],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
out, err, ret = call(c.run_cmd(), c.entrypoint)
|
out, err, ret = call(c.run_cmd(), c.entrypoint)
|
||||||
@ -922,27 +935,27 @@ def command_bootstrap():
|
|||||||
out = CephContainer(
|
out = CephContainer(
|
||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=['-n', 'mon.',
|
args=['config', 'assimilate-conf',
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'config', 'assimilate-conf',
|
|
||||||
'-i', '/var/lib/ceph/mon/ceph-%s/config' % mon_id],
|
'-i', '/var/lib/ceph/mon/ceph-%s/config' % mon_id],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
log_dir: '/var/log/ceph:z',
|
log_dir: '/var/log/ceph:z',
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % mon_id},
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % mon_id,
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
|
},
|
||||||
).run()
|
).run()
|
||||||
logger.info('Generating new minimal ceph.conf...')
|
logger.info('Generating new minimal ceph.conf...')
|
||||||
out = CephContainer(
|
out = CephContainer(
|
||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=['-n', 'mon.',
|
args=['config', 'generate-minimal-conf',
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
'-o', '/var/lib/ceph/mon/ceph-%s/config' % mon_id],
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'config', 'generate-minimal-conf',
|
|
||||||
'-o', '/var/lib/ceph/mon/ceph-%s/config' % mon_id],
|
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
log_dir: '/var/log/ceph:z',
|
log_dir: '/var/log/ceph:z',
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % mon_id},
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % mon_id,
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
|
},
|
||||||
).run()
|
).run()
|
||||||
# re-read our minimized config
|
# re-read our minimized config
|
||||||
with open(mon_dir + '/config', 'r') as f:
|
with open(mon_dir + '/config', 'r') as f:
|
||||||
@ -983,12 +996,11 @@ def command_bootstrap():
|
|||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'status', '-f', 'json-pretty'],
|
'status', '-f', 'json-pretty'],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
j = json.loads(out)
|
j = json.loads(out)
|
||||||
@ -1022,9 +1034,6 @@ def command_bootstrap():
|
|||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'config-key',
|
'config-key',
|
||||||
'set',
|
'set',
|
||||||
'mgr/ssh/ssh_identity_key',
|
'mgr/ssh/ssh_identity_key',
|
||||||
@ -1032,15 +1041,14 @@ def command_bootstrap():
|
|||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
tmp_key.name: '/tmp/key:z',
|
tmp_key.name: '/tmp/key:z',
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
CephContainer(
|
CephContainer(
|
||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'config-key',
|
'config-key',
|
||||||
'set',
|
'set',
|
||||||
'mgr/ssh/ssh_identity_pub',
|
'mgr/ssh/ssh_identity_pub',
|
||||||
@ -1048,6 +1056,8 @@ def command_bootstrap():
|
|||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
tmp_pub.name: '/tmp/pub:z',
|
tmp_pub.name: '/tmp/pub:z',
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
|
|
||||||
@ -1061,14 +1071,13 @@ def command_bootstrap():
|
|||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'mgr', 'module', 'enable', 'ssh'
|
'mgr', 'module', 'enable', 'ssh'
|
||||||
],
|
],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
tmp_pub.name: '/tmp/pub:z',
|
tmp_pub.name: '/tmp/pub:z',
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
logger.info('Setting orchestrator backend to ssh...')
|
logger.info('Setting orchestrator backend to ssh...')
|
||||||
@ -1076,14 +1085,14 @@ def command_bootstrap():
|
|||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'orchestrator', 'set', 'backend', 'ssh'
|
'orchestrator', 'set', 'backend', 'ssh'
|
||||||
],
|
],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
|
log_dir: '/var/log/ceph:z',
|
||||||
tmp_pub.name: '/tmp/pub:z',
|
tmp_pub.name: '/tmp/pub:z',
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
host = get_hostname()
|
host = get_hostname()
|
||||||
@ -1092,14 +1101,13 @@ def command_bootstrap():
|
|||||||
image=args.image,
|
image=args.image,
|
||||||
entrypoint='/usr/bin/ceph',
|
entrypoint='/usr/bin/ceph',
|
||||||
args=[
|
args=[
|
||||||
'-n', 'mon.',
|
|
||||||
'-k', '/var/lib/ceph/mon/ceph-%s/keyring' % mon_id,
|
|
||||||
'-c', '/var/lib/ceph/mon/ceph-%s/config' % mon_id,
|
|
||||||
'orchestrator', 'host', 'add', host
|
'orchestrator', 'host', 'add', host
|
||||||
],
|
],
|
||||||
volume_mounts={
|
volume_mounts={
|
||||||
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
mon_dir: '/var/lib/ceph/mon/ceph-%s:z' % (mon_id),
|
||||||
tmp_pub.name: '/tmp/pub:z',
|
tmp_pub.name: '/tmp/pub:z',
|
||||||
|
tmp_admin_keyring.name: '/etc/ceph/ceph.client.admin.keyring:z',
|
||||||
|
tmp_config.name: '/etc/ceph/ceph.conf:z',
|
||||||
},
|
},
|
||||||
).run()
|
).run()
|
||||||
|
|
||||||
|
@ -22,8 +22,7 @@ EOF
|
|||||||
--mon-ip $ip \
|
--mon-ip $ip \
|
||||||
--config c \
|
--config c \
|
||||||
--output-keyring k \
|
--output-keyring k \
|
||||||
--output-config c \
|
--output-config c
|
||||||
--skip-ssh
|
|
||||||
chmod 644 k c
|
chmod 644 k c
|
||||||
|
|
||||||
if [ -n "$ip2" ]; then
|
if [ -n "$ip2" ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user