Reject policies with invalid principals by default and provide more
useful error messages while doing so.
(Log them but do *not* reject the policy if it's set to false.)
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
One of the stated goals is compatibility with standard LUKS tools,
in particular being able to load encryption on images formatted with
cryptsetup. cryptsetup doesn't do this and this really interferes
with randomly generated (binary) passphrases.
While at it, open passphrase files as binary -- it communicates the
intent if nothing else on POSIX.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
pybind/mgr/cephadm/upgrade: allow upgrades without reducing max_mds
Reviewed-by: Adam King <adking@redhat.com>
Reviewed-by: Anthony D'Atri <anthonyeleven@users.noreply.github.com>
Reviewed-by: Patrick Donnelly <pdonnell@redhat.com>
This was introduce by commit e2a67f2a65,
for the third part applications they may still use the old macro.
Add it back and marked it as deprecated.
Fixes: https://tracker.ceph.com/issues/56638
Signed-off-by: Xiubo Li <xiubli@redhat.com>
this allows the log level of this http access log to be configured
separately from the 'rgw' subsystem, though the defaults are the same
Fixes: https://tracker.ceph.com/issues/54405
Signed-off-by: Casey Bodley <cbodley@redhat.com>
as per https://www.json.org/json-en.html, JSON encodes bool as
"true" or "false", without the quotes. before this change, the quotes
are always added when encoding boolean values.
but this change is not backward compatible.
encode_json()'s bool overload is used by rgw. it uses JSONObj
defined in common/ceph_json.h to decode JSON-encoded structs.
and it does not differentiate bool from str when decoding a boolean
value despite that it could have check the "quoted" member variable
of JSONObj for validating the type of value. so we should be fine.
Fixes: https://tracker.ceph.com/issues/55189
Signed-off-by: Kefu Chai <tchaikov@gmail.com>
This PR removes all of the release notes up to
version 17 (Quincy) inclusive.
As far as I know, for as long as I have worked
on the Ceph project, we have never cleaned up
the release notes from release to release.
Until now.
Signed-off-by: Zac Dover <zac.dover@gmail.com>
The progress module disabled the pg recovery event by default
since the event is expensive and has interrupted other serviceis
when there is OSDs being marked in/out from the the cluster.
To turn the event on manually:
ceph config set mgr mgr/progress/allow_pg_recovery_event true
Updated qa/tasks/mgr/test_progress.py to enable
the pg recovery event when testing the progress module.
Signed-off-by: Kamoltat <ksirivad@redhat.com>
The `fs volume rename` command renames the volume, i.e.,
orchestrator MDS service, file system, and the data and
metadata pool of the file system.
Fixes: https://tracker.ceph.com/issues/51162
Signed-off-by: Ramana Raja <rraja@redhat.com>
The 'mclock_scheduler' is not supported for filestore OSDs. Enforce the
usage of 'wpq' scheduler for such OSDs to avoid issues.
Also, in this scenario, the override of various config settings for the
'mclock_scheduler' are not performed.
Signed-off-by: Sridhar Seshasayee <sseshasa@redhat.com>
Filestore will be deprecated in Quincy, considering
that BlueStore has been the default objectstore for
quite some time.
Fixes: https://tracker.ceph.com/issues/49275
Signed-off-by: Prashant D <pdhange@redhat.com>
Add Release Notes and remove any `profile`
related stuff in the autoscaler documentation
and replace it with `bulk` flag.
Signed-off-by: Kamoltat <ksirivad@redhat.com>
Adam C. Emerson
Ilya Dryomov
yuval Lifshitz
Casey Bodley
Adam King
Neha Ojha
Radoslaw Zarzynski
Sridhar Seshasayee
dparmar18
Venky Shankar
Patrick Donnelly
Xiubo Li
Matan Breizman
Yaarit Hatuka
Laura Flores
Kefu Chai
Ziye Yang
Zac Dover
Casey Bodley
Yuri Weinstein
Kamoltat
Aishwarya Mathuria
Ramana Raja
Or Friedmann
Melissa Li
Prashant D