ceph clients can relate through the proxy

config.yaml

@@ -18,11 +18,11 @@ options:
     default:
     description: |
       Admin cephx key for existing Ceph cluster
-  mon-key:
+  # mon-key:
-    type: string
+  #   type: string
-    default:
+  #   default:
-    description: |
+  #   description: |
-      Monitor cephx key
+  #     Monitor cephx key
   source:
     type: string
     default:

hooks/ceph.py

@@ -372,7 +372,7 @@ def get_named_key(name, caps=None):
         "-u",
         ceph_user(),
         'ceph',
-        '--name', 'mon.',
+        '--name', 'client.admin',
         '--keyring',
         '/var/lib/ceph/mon/ceph-{}/keyring'.format(
             get_unit_hostname()

hooks/ceph_hooks.py

@@ -115,11 +115,11 @@ def emit_cephconf():
                         charm_ceph_conf, 100)
     keyring = 'ceph.client.admin.keyring'
     keyring_path = '/etc/ceph/' + keyring
-    render(keyring, keyring_path, {'admin_key': config('admin-key')}, perms=0o600)
+    render(keyring, keyring_path, {'admin_key': config('admin-key')}, owner=ceph.ceph_user(), perms=0o600)
 
     keyring = 'keyring'
     keyring_path = '/var/lib/ceph/mon/ceph-' + get_unit_hostname()+ '/' + keyring
-    render('mon.keyring', keyring_path, {'mon_key': config('mon-key')}, perms=0o600)
+    render('mon.keyring', keyring_path, {'admin_key': config('admin-key')}, owner=ceph.ceph_user(), perms=0o600)
 
     notify_radosgws()
     notify_client()

metadata.yaml

@@ -9,6 +9,9 @@ tags:
   - storage
   - file-servers
   - misc
+extra-bindings:
+  public:
+  cluster:
 provides:
   client:
     interface: ceph-client

requirements.txt

@@ -10,3 +10,4 @@ Jinja2>=2.6  # BSD License (3 clause)
 six>=1.9.0
 dnspython>=1.12.0
 psutil>=1.1.1,<2.0.0
+charm-tools>=2.0.0

templates/ceph.client.admin.keyring

@@ -1,2 +1,3 @@
 [client.admin]
-	key = {{admin_key}}
+	key = {{admin_key}}
+

templates/mon.keyring

@@ -1,3 +1,3 @@
-[mon.]
+[client.admin]
-	key = {{mon_key}}
+  key = {{admin_key}}
-	caps mon = "allow *"
+