the 'int ret' variable of the inner scope was shadowing an 'int ret'
variable in the outer scope, so we weren't propagating any of the error
codes
Signed-off-by: Casey Bodley <cbodley@redhat.com>
the InitSyncStatus coroutine records the position to start incremental
sync after finishing a full sync. this should be the master's marker
from the current period, rather than its oldest log period
this also adds a check to run_sync() that restarts a full sync if it
sees that our sync period is behind the master's oldest log period
Signed-off-by: Casey Bodley <cbodley@redhat.com>
RGWMetadataManager::get_log() will allocate a log and keep it in memory.
this could lead to a potential denial of service by making requests with
lots of different period ids
RGWMetadataLog if effectively stateless (the only state is a set of
modified_shards, which are not touched by any of the rest api calls), so
we can use a temporary instead of calling get_log()
Signed-off-by: Casey Bodley <cbodley@redhat.com>
now that the shards will be coming and going after startup, they need to
be reference counted and protected by a mutex
Signed-off-by: Casey Bodley <cbodley@redhat.com>
Prior to this commit, the tarball from "make dist" did not include the
ceph-detect-init(8) man page rST source.
Signed-off-by: Ken Dreyer <kdreyer@redhat.com>
rgw: adjust error code when bucket does not exist in copy operation
rgw: don't override error when initializing zonegroup
Fixes: #14975
Reviewed-by: Orit Wasserman <owasserm@redhat.com>
dmcrypt_map is idempotent, it does not matter that it is called multiple
times when activating or preparing a device. It is however important to
not cryptsetup remove the device after preparing it because partprobe
may not re-send another add udev event to luksOpen / create it again.
On Ubuntu 14.04, no extra add udev event is sent after the partition was
acknowledged by the kernel. On CentOS 7.2 an extra udev event is sent
for each existing partition, regardless of what the kernel already
knows.
The format() function is just a call to map() to limit the extent of the
refactor. The dmcrypt_map/unmap functions should be refactored into a
device class and the format() function can then be made more specific.
Signed-off-by: Loic Dachary <loic@dachary.org>
Simulate the cases where the activation (via udev running trigger)
sequences are:
* journal then lockbox
* data then lockbox
* lockbox
All of them must end with the OSD verfied to be up.
Signed-off-by: Loic Dachary <loic@dachary.org>
The ceph-disk activate errors were ignored and not displayed. Capture
stdout/stderr and display it if the exit code is non zero. Also fail
when an activate fails.
Pass the --verbose flag to activate, if given to trigger.
Signed-off-by: Loic Dachary <loic@dachary.org>
list may try to mount partitions to figure out the OSD id and other
details. If it does so while the OSD is activated, it will race and lead
to errors, either for activation or for list.
Signed-off-by: Loic Dachary <loic@dachary.org>
The ceph-disk page is often obsolete, mostly because maintaining
it requires a significant amount of copy/paste and re-formatting.
Now that the --help of ceph-disk has been updated to include a more
verbose explanation of each subcommand, simplify the man page to
give an overview of the subcommands and suggest the --help is used
to get more information.
Signed-off-by: Loic Dachary <loic@dachary.org>
Instead of storing the dmcrypt keys in the /etc/ceph/dmcrypt-keys
directory, they are stored in the monitor. If a machine with
OSDs created with ceph-disk prepare --dmcrypt is lost, it does
not contain the key that would allow to decrypt their content.
The dmcrypt key is retrieved from the monitor using a different keyring
for each OSD. It is stored in a small partition called the lockbox. At
boot time the lockbox is mounted
/var/lib/ceph/osd-lockbox/$uuid
and used when the $uuid partition is detected by udev to map it with
cryptsetup.
The OSDs that were prepared prior to the lockbox implementation are
supported by looking up the key found in /etc/ceph/dmcrypt-keys before
looking in /var/lib/ceph/osd-lockbox/$uuid.
http://tracker.ceph.com/issues/14669Fixes: #14669
Signed-off-by: Loic Dachary <loic@dachary.org>
The ceph-disk trigger deals with dmcrypt mapping which is redundant with
what ceph-disk activate-* does when the --dmcrypt flag is set. Remove
the dmcrypt mapping code and add the --dmcrypt flag to ceph-disk
activate-* where relevant.
Signed-off-by: Loic Dachary <loic@dachary.org>
The dmcrypt boolean needs to be set for destroy to ensure the
journal/block partitions are 'cryptsetup remove'.
Signed-off-by: Loic Dachary <loic@dachary.org>
rgw: indexless buckets (Yehuda Sadeh)
- can define a policy, for which buckets are indexless
- users can then create buckets under the specified placement target
- indexless buckets will not be synced across zones
- does not work with (s3) versioned buckets
Reviewed-by: Matt Benjamin <mbenjamin@redhat.com>
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>