charmhelpers-sync
Pull in fix for call to ceph-authtool when updating keys. Change-Id: Ieccddef41091b5577b28528c7da1e26cb6c4eba6 Closes-Bug: #1810917
This commit is contained in:
Pete Vander Giessen
parent
10ce2f862b
commit
d2f87c3e02
@ -856,12 +856,22 @@ def _keyring_path(service):
|
|||||||
return KEYRING.format(service)
|
return KEYRING.format(service)
|
||||||
|
|
||||||
|
|
||||||
def create_keyring(service, key):
|
def add_key(service, key):
|
||||||
"""Create a new Ceph keyring containing key."""
|
"""
|
||||||
|
Add a key to a keyring.
|
||||||
|
|
||||||
|
Creates the keyring if it doesn't already exist.
|
||||||
|
|
||||||
|
Logs and returns if the key is already in the keyring.
|
||||||
|
"""
|
||||||
keyring = _keyring_path(service)
|
keyring = _keyring_path(service)
|
||||||
if os.path.exists(keyring):
|
if os.path.exists(keyring):
|
||||||
log('Ceph keyring exists at %s.' % keyring, level=WARNING)
|
with open(keyring, 'r') as ring:
|
||||||
return
|
if key in ring.read():
|
||||||
|
log('Ceph keyring exists at %s and has not changed.' % keyring,
|
||||||
|
level=DEBUG)
|
||||||
|
return
|
||||||
|
log('Updating existing keyring %s.' % keyring, level=DEBUG)
|
||||||
|
|
||||||
cmd = ['ceph-authtool', keyring, '--create-keyring',
|
cmd = ['ceph-authtool', keyring, '--create-keyring',
|
||||||
'--name=client.{}'.format(service), '--add-key={}'.format(key)]
|
'--name=client.{}'.format(service), '--add-key={}'.format(key)]
|
||||||
@ -869,6 +879,11 @@ def create_keyring(service, key):
|
|||||||
log('Created new ceph keyring at %s.' % keyring, level=DEBUG)
|
log('Created new ceph keyring at %s.' % keyring, level=DEBUG)
|
||||||
|
|
||||||
|
|
||||||
|
def create_keyring(service, key):
|
||||||
|
"""Deprecated. Please use the more accurately named 'add_key'"""
|
||||||
|
return add_key(service, key)
|
||||||
|
|
||||||
|
|
||||||
def delete_keyring(service):
|
def delete_keyring(service):
|
||||||
"""Delete an existing Ceph keyring."""
|
"""Delete an existing Ceph keyring."""
|
||||||
keyring = _keyring_path(service)
|
keyring = _keyring_path(service)
|
||||||
@ -905,7 +920,7 @@ def get_ceph_nodes(relation='ceph'):
|
|||||||
|
|
||||||
def configure(service, key, auth, use_syslog):
|
def configure(service, key, auth, use_syslog):
|
||||||
"""Perform basic configuration of Ceph."""
|
"""Perform basic configuration of Ceph."""
|
||||||
create_keyring(service, key)
|
add_key(service, key)
|
||||||
create_key_file(service, key)
|
create_key_file(service, key)
|
||||||
hosts = get_ceph_nodes()
|
hosts = get_ceph_nodes()
|
||||||
with open('/etc/ceph/ceph.conf', 'w') as ceph_conf:
|
with open('/etc/ceph/ceph.conf', 'w') as ceph_conf:
|
||||||
@ -1068,7 +1083,7 @@ def ensure_ceph_keyring(service, user=None, group=None,
|
|||||||
if not key:
|
if not key:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
create_keyring(service=service, key=key)
|
add_key(service=service, key=key)
|
||||||
keyring = _keyring_path(service)
|
keyring = _keyring_path(service)
|
||||||
if user and group:
|
if user and group:
|
||||||
check_call(['chown', '%s.%s' % (user, group), keyring])
|
check_call(['chown', '%s.%s' % (user, group), keyring])
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user