08ffd6bdb5
During recovery/maintenance mode, the driver applied all the rules it was expected to sync. It couldn't e.g., remove the already existing but unwanted access rules from the backend. This was because CephFSVolumeClient, the interface to Ceph backend, did not have the ability to fetch the existing access rules from the backend. Since the following commits in Ceph, master branch, https://github.com/ceph/ceph/commits/1c1d65a45f4574 Jewel branch, https://github.com/ceph/ceph/commits/e1eb8afea9f202 the CephFSVolumeClient is versioned and can list the existing access rules. Use this to more faithfully implement update_access() and ensure backwards compatibility with earlier versions of CephFSVolumeClient. Also, when authorizing access for a ceph auth ID using CephFSVolumeClient's authorize(), pass the project ID of the share as an additional argument. This is required (since the above mentioned commits) to retrieve the access key of the ceph auth ID. The driver's update_access() now returns access_keys as a dictionary with access rule ID and access key as key, value pairs. This would be useful once Manila can store the access_keys in its DB and expose them to the user. Partially Implements: bp cephfs-native-driver-enhancements Change-Id: I49782d62c0a8382d985b9b08612cf5bc394837ae
8 lines
227 B
YAML
8 lines
227 B
YAML
---
|
|
features:
|
|
- |
|
|
Enhanced ``cephfs_native`` driver's update_access() to,
|
|
|
|
- remove undesired rules existing in the backend during recovery mode.
|
|
- return ``access_keys`` of ceph auth IDs that are allowed access.
|