* refs/pull/30603/head:
ceph-daemon: -n type.id instead of -i id
ceph-daemon: drop unused VERSION
ceph-daemon: clean up dir helpers, tighten up permissions
ceph-daemon: fchmod before writing to keyring file
test_ceph_daemon.sh: skip ssh until container image has remoto
ceph-daemon: decode utf-8 in run() helper
mgr/ssh: clean up debug cruft
mgr/ssh: clean up bare except: block
ceph-daemon: clean up bare except: blocks
ceph-daemon: all imports to top
ceph-volume: no_tmpfs -> tmpfs
doc/bootstrap: add new bootstrap documentation
ceph-daemon: add --output-pub-ssh-key for bootstrap
ceph-daemon: make 'shell' easier to use
ceph-daemon: support docker; prefer podman
qa: add ceph-daemon
debian: ceph-daemon package, required by ceph-mgr-ssh
ceph.spec.in: ceph-daemon package, required by ceph-mgr
common/options: cleanup whitespace
mgr/ssh: simplify getting the cluster fsid
mgr/ssh: pipe ceph-daemon script to stdin of python3
ceph-daemon: add support for args and/or stdin from top of script
ceph-daemon: make ceph-volume use get_config_and_keyring
ceph-daemon: ls: behave if /var/log/ceph doesn't exist
ceph-daemon: implement 'adopt' for legacy style daemons
ceph-daemon: fix fsid detection for legacy osds
ceph-daemon: make rm-cluster clean up system-ceph*.slice too
ceph-daemon: configure ssh orchestrator
ceph-daemon: be more restrictive with file permissions
mgr/ssh: create osd with ceph-daemon
mgr/ssh: pass daemon id separately to _create_daemon
ceph-daemon: add --config-and-keyring to ceph-volume command
ceph-daemon: create log path for shell (if needed)
mgr/ssh: use _run_ceph_daemon for _create_daemon
mgr/ssh: factor _run_ceph_daemon out of _get_device_inventory
mon/ConfigMonitor: allow entity type only for 'config get'
ceph-daemon: add ceph-volume subcommand
ceph-daemon: remove unused CephContainer dname property
ceph-daemon: drop useless uid/gid checks
mgr/ssh: deploy new mgrs with ceph-daemon
mgr/ssh: factor _create_daemon out of create_mon
mon/MonCap: allow mgr to create new auth keys
mgr/ssh: run c-v with podman when getting inventory
mgr/ssh: simplify ssh connection management
mgr/ssh: use ceph-daemon for deploying mon
ceph-daemon: allow --mon-network for deploying new mon (vs specifying IP)
ceph-daemon: --config-and-keyring (not key)
common/options: add 'image' config option
test_ceph_daemon: specify image name
vstart.sh: add --ssh to enable+configure ssh orchestrator
mgr/ssh: use ssh identity from config-key, if present
mgr/ssh: hardcode default ssh_config
ceph-daemon: store ssh identity in mon config-key store
ceph-daemon: --privileged arg for 'exec'
ceph-daemon: make deploy work for osd (do a c-v prepare)
ceph-daemon: make shell privileged
ceph-daemon: move get_container_mounts to a helper
ceph-daemon: pass full path for entrypoint
ceph-daemon: make id portion of 'shell' optional
ceph-volume: accept --no-tmpfs argument for bluestore
ceph-daemon: 'unit' command
ceph-daemon: fix run command to use call(), not check_output()
src/ceph-daemon: whitespace
ceph-daemon: add 'enter', 'exec' commands
ceph-daemon: bind config to default location
test_ceph_daemon.sh: test deploy mds too
ceph-daemon: generate ssh keys
ceph-daemon: --config, not --conf
ceph-daemon: long lines
ceph-daemon: add --config to bootstrap
ceph-daemon: add 'shell' command
ceph-daemon: do not import subprocess symbols directly
ceph-daemon: add mons with 'deploy mon.x ...'
ceph-daemon: add 'ls'
ceph-daemon: simplify uid/gid a bit
ceph-daemon: fix libudev
ceph-daemon: autodetect uid/gid from container image
ceph-daemon: default to empty log files, log to stderr (systemd journal)
ceph-daemon: rm-{daemon,cluster}
ceph-daemon: fix bootstrap config
ceph-daemon: fix args.fsid usage
ceph-daemon: be careful overwriting live files
ceph-daemon: slurp some options over from the standard systemd unit
ceph-daemon: add ceph.target and ceph-$fsid.target units
test_ceph_daemon.sh: stupid test script
ceph-daemon: bootstrap and deploy (mgr) work
ceph-daemon: initial checkin
ceph-mon: fix debug print of public_addr
* refs/pull/30217/head:
crimson: common/admin_socket kludge so that it builds
mon/MonClient: fix sending mon command to a specific rank
src/.gitignore: ignore .tox
mon/MonClient: interpret numeric mon target name as rank
mgr,mgr/MgrClient: use fsid to signal mon-mgr vs cli MCommands
qa/workunits/cephtool: fix errpr checks for 'ceph daemon' commands
common/ceph_context: make 'config unset' idempotent
qa/tasks/dump_stuck: mon.a, not mon.0
qa/suites/rados/singleton/all/admin-socket: fix test
common/config: EPERM setting config option after startup
qa/workunits/cephtool/test.sh: fix tell output error check
common/admin_socket: pass Formatter from generic infrastructure
common/admin_socket: pass ostream to call() for error output
os/bluestore: fix asok hook return value
rgw: fix asok return value
common/ceph_context: return error code from asok commands
test/pybind/test_rados: fix accidental mon tell test
mon: print entity_name along with caps to debug log
PendingReleaseNotes: notes about asok changes
mgr/MgrClient: empty target string for 'tell' means active mgr
common/admin_socket: report error code as part of output string
osd: change trigger_[deep_]scrub tommands to a pg tell command
osd: remove old command workqueue, threadpool
osd: drop MMonCommand handling
osdc/Objecter: resend OSD tell commands on EAGAIN
osd: route tell commands to asok; migrate commands
osd: use unique_ptr<Formatter> for asok_command
common/ceph_context: add generic asok 'injectargs'
common/admin_socket: allow dup prefixes
common/admin_socket: refactor with sync and async execute_command variants
common/admin_socket: pass input bufferlist
osd: transition to call_async() for asok
common/admin_socket: support alternative call_async()
mon/MonClient: send tell commands out of band via MCommand
mon: accept tell commands via MCommand and send them to asok handler
common/admin_socket: return int from hook call()
mgr/DaemonServer: route MCommand (for octopus+) to asok commands
do not use 'ceph tell mgr'
pybind/ceph_argparse: disambiguate mgr tell and CLI commands
ceph: make 'ceph tell mgr.*' send to the active mgr
ceph: send 'ceph tell mgr.X' to the right mgr
librados: add rados_mgr_command_target
mgr/MgrClient: add start_command variant that takes a target
common/admin_socket: drop unregister_command(); use per-hook variant
common/admin_socket: drop explicit prefix arg to register_command
common/admin_socket: simplify command routing
common/admin_socket: add ability to process MCommand via asok queue
common/admin_socket: pass cmdvec to execute_command
common/admin_socket: use pipe for general wakeup
include/compat: add flags arg to pipe_cloexec
common/admin_socket: drop unused args
Reviewed-by: Neha Ojha <nojha@redhat.com>
Clarify supported secret engine in the Vault documentation.
Signed-off-by: Andrea Baglioni <andrea.baglioni@workday.com>
Signed-off-by: Sergio de Carvalho <sergio.carvalho@workday.com>
* refs/pull/29711/head:
doc: Update documentation for LazyIO
Reviewed-by: Patrick Donnelly <pdonnell@redhat.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Minor fix to config documentation.
Signed-off-by: Andrea Baglioni <andrea.baglioni@workday.com>
Signed-off-by: Sergio de Carvalho <sergio.carvalho@workday.com>
* refs/pull/30626/head:
doc: document recover_session= option in mount.ceph manpage
doc: update documents on using kcephfs
Reviewed-by: Patrick Donnelly <pdonnell@redhat.com>
Extend server-side encryption functionality in Rados Gateway to support
HashiCorp Vault as a Key Management System in addition to existing
support for OpenStack Barbican.
This is the first part of this change, supporting Vault's token-based
authentication only. Agent-based authentication as well as other
features such as Vault namespaces will be added in subsequent commits.
Note that Barbican remains the default backend for SSE-KMS
(rgw crypt s3 kms backend) to avoid breaking existing deployments.
Feature: https://tracker.ceph.com/issues/41062
Notes: https://pad.ceph.com/p/rgw_sse-kms
Implemented so far:
* Move existing SSE-KMS functions from rgw_crypt.cc to rgw_kms.cc
* Vault authentication with a token read from file
* Add new ceph.conf settings for Vault
* Document new ceph.conf settings
* Update main encryption documentation page
* Add documentation page for SSE-KMS using Vault
Signed-off-by: Andrea Baglioni <andrea.baglioni@workday.com>
Signed-off-by: Sergio de Carvalho <sergio.carvalho@workday.com>
Overhaul the fstab.rst and kernel.rst files with more relevant examples
now that the mount helper does autodiscovery. Add a preamble to
kernel-features.rst and add a warning about the deprecation of inline
data.
Fixes: https://tracker.ceph.com/issues/42025
Signed-off-by: Jeff Layton <jlayton@redhat.com>
osd/PrimaryLogPG: always use strict priority ordering for kicked recovery ops
Reviewed-by: Yan Jun <yan.jun8@zte.com.cn>
Reviewed-by: Sage Weil <sage@redhat.com>
`ceph {set,unset} full` does not take effect since mimic, and monitor
does not support this command since Octopus. so let's document this
change.
Signed-off-by: Kefu Chai <kchai@redhat.com>
This reverts commit c0f87e0f91.
The 'osd_op_queue_cut_off' config option determines which level of
high priority ops should use strict priority ordering and may change
from time to time. Since the main strategy of 'osd_kick_recovery_op_priority'
is to simply follow up 'osd_op_queue_cut_off', we can instead make a direct
use of 'osd_op_queue_cut_off' to achieve the same thing explicitly.
Signed-off-by: xie xingguo <xie.xingguo@zte.com.cn>
osd: Change osd op queue cut off default to high
Reviewed-by: Samuel Just <sjust@redhat.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Reviewed-by: xie xingguo <xie.xingguo@zte.com.cn>
* refs/pull/30525/head:
qa/tasks/ceph.conf.template: disable power-of-2 warning
qa/standalone/mon/health-mute: use power of 2 for pg_num
osd/OSDMap: remove remaining g_conf() usage
PendingReleaseNotes: add note for 14.2.5 so we can backport this
osd/OSDMap: health alert for non-power-of-two pg_num
Reviewed-by: Kai Wagner <kwagner@suse.com>
Reviewed-by: Nathan Cutler <ncutler@suse.com>
Reviewed-by: xie xingguo <xie.xingguo@zte.com.cn>
Add a new command-line switch to allow it to use the kernel client
instead, and add all of the machinery to handle local kcephfs mounts.
Document this in the developer guide, along with the appropriate scary
warnings about using this on a machine that you care about. While we're
in there, also correct a typo about FUSE configuration.
Fixes: https://tracker.ceph.com/issues/41910
Signed-off-by: Jeff Layton <jlayton@redhat.com>
* refs/pull/29906/head:
vstart_runner: name booleans for options differently
qa/vstart_runner.py: add an option to remove old log
qa/vstart_runner.py: make log initialization code reusable
qa/vstart_runner.py: make printing of stdout of ps optional
qa/vstart_runner.py: add timeout for vstart.sh and stop.sh
qa/vstart_runner.py: add an option to teardown cluster
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Also, skip the details about CephX user's keyring and monitor's socket
since the kernel driver can figure out these details automatically now.
Fixes: https://tracker.ceph.com/issues/41872
Signed-off-by: Rishabh Dave <ridave@redhat.com>
Add an option "--clear-old-log" to get rid of log entries before making
entries for current batch of tests.
Signed-off-by: Rishabh Dave <ridave@redhat.com>
stdout of ps command is generally pretty huge which makes it harder to
interpret logs. Don't print it by default and add "--log-ps-output" to
enable printing it.
Signed-off-by: Rishabh Dave <ridave@redhat.com>
Add "--teardown" option so that vstart_runner.py tears down Ceph
cluster automatically after the batch of tests has completed running.
Also delete build/dev and build/out directories, after running stop.sh.
Update the doc for vstart_runner.py as well.
Signed-off-by: Rishabh Dave <ridave@redhat.com>
* refs/pull/29824/head:
qa: whitelist new FS_INLINE_DATA_DEPRECATED health warning
mds: add a HEALTH_WARN message when inline_data is enabled
mds: log a warning message when mds is started on an fs with inline_data
mon: deprecate CephFS inline_data support
Reviewed-by: Patrick Donnelly <pdonnell@redhat.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Reviewed-by: Douglas Fuller <dfuller@redhat.com>
