Allow glance ceph osd cinder,nova pool access
Recently cinder has utilized clone v2 support of Ceph for its RBD backend, since then if you attempt to delete an image from glance that has a dependent volume, all future uses of that image will fail in error state. Despite the fact that image itself is still inside of Ceph/Glance. This issue is reproducible if you are using ceph client version greater than 'luminous' To resolve this issue glance RBD driver now checks whether original image has any dependency before deleting/removing it's snapshot and returns 409 response if it has any dependency. To check this dependency glance osd needs 'read' access to cinder and nova side RBD pool. This change allows glance keyring/osd a read access on cinder and nova side RBD pool. Related-Bug: #1954883 Change-Id: I2e6221e6de23920998bb5f32b2323704b3c89f74
This commit is contained in:
parent
4d9f4b2235
commit
8a27b7bdd8
|
@ -697,6 +697,8 @@ function configure_ceph_glance {
|
|||
get-or-create client.${GLANCE_CEPH_USER} \
|
||||
mon "allow r" \
|
||||
osd "allow class-read object_prefix rbd_children, \
|
||||
allow rx pool=${CINDER_CEPH_POOL}, \
|
||||
allow rx pool=${NOVA_CEPH_POOL}, \
|
||||
allow rwx pool=${GLANCE_CEPH_POOL}" | \
|
||||
sudo tee ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring
|
||||
|
||||
|
|
Loading…
Reference in New Issue