mirror of
https://github.com/ceph/ceph
synced 2025-02-12 13:29:17 +00:00
9b7dcb894c
The cephadm container mounts the configfs and then bind mounts (-v) it
into the container. Currently the container is not a priviliaged
container which leads to 2 problems:
1. The container can't insert the iscsi_target_mod kernel module; and
2. The container can't write to the configfs as that's only writeable
by root.
We _can_ get around 1, by preloading the kernel module. I.E add it the
systemd unit file. But that doesn't help with 2.
I've tried mounting the configfs with uid and gid options, but configfs
doesn't use them.
If we make the container a priviliged container then magically both 1
and 2 are solved. We don't need to preload the module so that's one less
workaround. But more importantly, configfs can be written to so we can
create ISCSI targets etc.
So that's what this patch does, it makes iscsi containers privileged
containers by setting the CephContainer --priviliged while creating it.
Fixes: https://tracker.ceph.com/issues/45252
Signed-off-by: Matthew Oliver <moliver@suse.com>
|
||
|---|---|---|
| .. | ||
| arch | ||
| auth | ||
| bash_completion | ||
| blkin@f24ceec055 | ||
| c-ares@fd6124c74d | ||
| ceph-volume | ||
| cephadm | ||
| civetweb@bb99e93da0 | ||
| client | ||
| cls | ||
| common | ||
| compressor | ||
| crimson | ||
| crush | ||
| crypto | ||
| dmclock@11063a31ea | ||
| doc | ||
| erasure-code | ||
| fmt@7ad3015f5b | ||
| global | ||
| googletest@10b1902d89 | ||
| include | ||
| isa-l@806b55ee57 | ||
| java | ||
| journal | ||
| json_spirit | ||
| key_value_store | ||
| kv | ||
| librados | ||
| libradosstriper | ||
| librbd | ||
| log | ||
| lua@1fce39c639 | ||
| mds | ||
| messages | ||
| mgr | ||
| mon | ||
| mount | ||
| msg | ||
| objclass | ||
| objsync | ||
| ocf | ||
| os | ||
| osd | ||
| osdc | ||
| perfglue | ||
| powerdns | ||
| pybind | ||
| python-common | ||
| rapidjson@f54b0e47a0 | ||
| rbd_fuse | ||
| rbd_replay | ||
| rgw | ||
| rocksdb@4c736f1778 | ||
| script | ||
| seastar@663f9bb6cb | ||
| spawn@9ee6d12f35 | ||
| spdk@06d09c1108 | ||
| telemetry | ||
| test | ||
| tools | ||
| tracing | ||
| xxHash@1f40c6511f | ||
| zstd@83b51e9f88 | ||
| .gitignore | ||
| btrfs_ioc_test.c | ||
| ceph_common.sh | ||
| ceph_fuse.cc | ||
| ceph_mds.cc | ||
| ceph_mgr.cc | ||
| ceph_mon.cc | ||
| ceph_osd.cc | ||
| ceph_release | ||
| ceph_syn.cc | ||
| ceph_ver.c | ||
| ceph_ver.h.in.cmake | ||
| ceph-clsinfo | ||
| ceph-coverage.in | ||
| ceph-crash.in | ||
| ceph-create-keys | ||
| ceph-debugpack.in | ||
| ceph-osd-prestart.sh | ||
| ceph-post-file.in | ||
| ceph-rbdnamer | ||
| ceph-run | ||
| ceph.conf.twoosds | ||
| ceph.in | ||
| ckill.sh | ||
| cls_acl.cc | ||
| cls_crypto.cc | ||
| CMakeLists.txt | ||
| cmonctl | ||
| cstart.sh | ||
| etc-rbdmap | ||
| init-ceph.in | ||
| init-radosgw | ||
| init-rbdmap | ||
| krbd.cc | ||
| libcephfs.cc | ||
| librados-config.cc | ||
| loadclass.sh | ||
| logrotate.conf | ||
| mount.fuse.ceph | ||
| mrgw.sh | ||
| mrun | ||
| mstart.sh | ||
| mstop.sh | ||
| multi-dump.sh | ||
| mypy.ini | ||
| perf_histogram.h | ||
| ps-ceph.pl | ||
| push_to_qemu.pl | ||
| rbd-replay-many | ||
| rbdmap | ||
| README | ||
| sample.ceph.conf | ||
| stop.sh | ||
| TODO | ||
| vnewosd.sh | ||
| vstart.sh | ||
| yasm-wrapper | ||
Sage Weil <sage@newdream.net> Ceph - scalable distributed storage system