Cache calls to ceph get_named_key
Change-Id: Iccc1d4a3ef116e9edb4d3047f40993fa6107718e
This commit is contained in:
parent
a7f16a76f8
commit
becd07a584
|
@ -1217,26 +1217,11 @@ def get_named_key(name, caps=None, pool_list=None):
|
|||
:returns: Returns a cephx key
|
||||
"""
|
||||
key_name = 'client.{}'.format(name)
|
||||
try:
|
||||
# Does the key already exist?
|
||||
output = str(subprocess.check_output(
|
||||
[
|
||||
'sudo',
|
||||
'-u', ceph_user(),
|
||||
'ceph',
|
||||
'--name', 'mon.',
|
||||
'--keyring',
|
||||
'/var/lib/ceph/mon/ceph-{}/keyring'.format(
|
||||
socket.gethostname()
|
||||
),
|
||||
'auth',
|
||||
'get',
|
||||
key_name,
|
||||
]).decode('UTF-8')).strip()
|
||||
return parse_key(output)
|
||||
except subprocess.CalledProcessError:
|
||||
# Couldn't get the key, time to create it!
|
||||
log("Creating new key for {}".format(name), level=DEBUG)
|
||||
key = ceph_auth_get(key_name)
|
||||
if key:
|
||||
return key
|
||||
|
||||
log("Creating new key for {}".format(name), level=DEBUG)
|
||||
caps = caps or _default_caps
|
||||
cmd = [
|
||||
"sudo",
|
||||
|
@ -1259,6 +1244,7 @@ def get_named_key(name, caps=None, pool_list=None):
|
|||
pools = " ".join(['pool={0}'.format(i) for i in pool_list])
|
||||
subcaps[0] = subcaps[0] + " " + pools
|
||||
cmd.extend([subsystem, '; '.join(subcaps)])
|
||||
ceph_auth_get.cache_clear()
|
||||
|
||||
log("Calling check_output: {}".format(cmd), level=DEBUG)
|
||||
return parse_key(str(subprocess
|
||||
|
@ -1267,6 +1253,30 @@ def get_named_key(name, caps=None, pool_list=None):
|
|||
.strip()) # IGNORE:E1103
|
||||
|
||||
|
||||
@functools.lru_cache()
|
||||
def ceph_auth_get(key_name):
|
||||
try:
|
||||
# Does the key already exist?
|
||||
output = str(subprocess.check_output(
|
||||
[
|
||||
'sudo',
|
||||
'-u', ceph_user(),
|
||||
'ceph',
|
||||
'--name', 'mon.',
|
||||
'--keyring',
|
||||
'/var/lib/ceph/mon/ceph-{}/keyring'.format(
|
||||
socket.gethostname()
|
||||
),
|
||||
'auth',
|
||||
'get',
|
||||
key_name,
|
||||
]).decode('UTF-8')).strip()
|
||||
return parse_key(output)
|
||||
except subprocess.CalledProcessError:
|
||||
# Couldn't get the key
|
||||
pass
|
||||
|
||||
|
||||
def upgrade_key_caps(key, caps, pool_list=None):
|
||||
"""Upgrade key to have capabilities caps"""
|
||||
if not is_leader():
|
||||
|
|
|
@ -570,6 +570,17 @@ class CephTestCase(unittest.TestCase):
|
|||
'mon', ('allow r; allow command "osd blacklist"'
|
||||
'; allow command "osd blocklist"'),
|
||||
'osd', 'allow rwx'])])
|
||||
mock_check_output.reset_mock()
|
||||
mock_check_output.side_effect = [b'key=test']
|
||||
utils.get_named_key(name="rgw001")
|
||||
mock_check_output.assert_called_once_with([
|
||||
'sudo', '-u', 'ceph', 'ceph', '--name',
|
||||
'mon.', '--keyring',
|
||||
'/var/lib/ceph/mon/ceph-osd001/keyring',
|
||||
'auth', 'get', 'client.rgw001'])
|
||||
mock_check_output.reset_mock()
|
||||
utils.get_named_key(name="rgw001")
|
||||
mock_check_output.assert_not_called()
|
||||
|
||||
def test_parse_key_with_caps_existing_key(self):
|
||||
expected = "AQCm7aVYQFXXFhAAj0WIeqcag88DKOvY4UKR/g=="
|
||||
|
|
Loading…
Reference in New Issue