Update call for keys creation
ceph-create-keys was being used to create keys. This command has been deprecated and it does nothing. For this reason, keys were not available when starting daemons and this made the deployment to fail. This change adds the correct key creation using ceph-authtool. Change-Id: Ie1a41f67bbf1c7a58e89168b0c8ad63f101648b4 Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
This commit is contained in:
parent
1221819b6c
commit
cbdcb8c10a
|
@ -405,13 +405,12 @@ function initial_configure_ceph {
|
|||
|
||||
# populate ceph directory
|
||||
sudo mkdir -p \
|
||||
${CEPH_DATA_DIR}/{bootstrap-mds,bootstrap-osd,mds,mon,osd,tmp,radosgw}
|
||||
${CEPH_DATA_DIR}/{bootstrap-mds,bootstrap-osd,bootstrap-mgr,bootstrap-rgw,mgr,rgw,mds,mon,osd,tmp,radosgw}
|
||||
}
|
||||
# configure_ceph() - Set config files, create data dirs, etc
|
||||
function configure_ceph {
|
||||
local count=0
|
||||
|
||||
|
||||
RUN_AS=$(_run_as_ceph_or_root)
|
||||
echo "ceph daemons will run as $RUN_AS"
|
||||
|
||||
|
@ -419,8 +418,17 @@ function configure_ceph {
|
|||
|
||||
# create ceph monitor initial key and directory
|
||||
sudo ceph-authtool ${CEPH_DATA_DIR}/tmp/keyring.mon.$(hostname) \
|
||||
--create-keyring --name=mon. --add-key=$(ceph-authtool \
|
||||
--gen-print-key) --cap mon 'allow *'
|
||||
--create-keyring --name=mon. --add-key=$(ceph-authtool --gen-print-key) \
|
||||
--cap mon 'allow *'
|
||||
|
||||
# gen admin keyring, gen client.admin user and add user to keyring
|
||||
sudo ceph-authtool ${CEPH_CONF_DIR}/ceph.client.admin.keyring \
|
||||
--create-keyring --gen-key -n client.admin --cap mon 'allow *' \
|
||||
--cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'
|
||||
|
||||
# add gen keys to ceph.mon.keyring
|
||||
sudo ceph-authtool ${CEPH_DATA_DIR}/tmp/keyring.mon.$(hostname) \
|
||||
--import-keyring ${CEPH_CONF_DIR}/ceph.client.admin.keyring
|
||||
|
||||
sudo mkdir -p ${CEPH_DATA_DIR}/mon/ceph-$(hostname)
|
||||
|
||||
|
@ -460,22 +468,13 @@ function configure_ceph {
|
|||
|
||||
local ceph_version
|
||||
ceph_version=$(_get_ceph_version mon)
|
||||
if [[ $(echo $ceph_version '>=' 11.1 | bc -l) == 1 ]] ; then
|
||||
sudo ceph-create-keys --cluster ceph --id $(hostname)
|
||||
|
||||
if [[ $(echo $ceph_version '>=' 14.0 | bc -l) == 1 ]] ; then
|
||||
for key in bootstrap-{mds,osd,rgw}; do
|
||||
sudo ceph auth get client.$key -o ${CEPH_DATA_DIR}/$key/ceph.keyring
|
||||
done
|
||||
fi
|
||||
|
||||
# wait for the admin key to come up
|
||||
# otherwise we will not be able to do the actions below
|
||||
until [ -f ${CEPH_CONF_DIR}/ceph.client.admin.keyring ]; do
|
||||
echo_summary "Waiting for the Ceph admin key to be ready..."
|
||||
|
||||
count=$(($count + 1))
|
||||
if [ $count -eq 3 ]; then
|
||||
die $LINENO "Maximum of 3 retries reached"
|
||||
fi
|
||||
sleep 5
|
||||
done
|
||||
|
||||
if [[ $(echo $ceph_version '>=' 12.1 | bc -l) == 1 ]] ; then
|
||||
sudo mkdir -p ${CEPH_DATA_DIR}/mgr/ceph-${MGR_ID}
|
||||
sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create mgr.${MGR_ID} \
|
||||
|
@ -506,20 +505,19 @@ function configure_ceph {
|
|||
# create the OSD(s)
|
||||
for rep in ${CEPH_REPLICAS_SEQ}; do
|
||||
OSD_ID=$(sudo ceph -c ${CEPH_CONF_FILE} osd create)
|
||||
if [[ $RUN_AS == 'ceph' ]] ; then
|
||||
sudo mkdir -p ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
|
||||
sudo chown ceph. ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
|
||||
sudo ceph-osd -c ${CEPH_CONF_FILE} --setuser ceph --setgroup ceph -i ${OSD_ID} --mkfs
|
||||
else
|
||||
sudo mkdir -p ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
|
||||
sudo ceph-osd -c ${CEPH_CONF_FILE} -i ${OSD_ID} --mkfs
|
||||
fi
|
||||
sudo mkdir -p ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
|
||||
sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create osd.${OSD_ID} \
|
||||
mon 'allow profile osd ' osd 'allow *' | \
|
||||
sudo tee ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/keyring
|
||||
if [[ $RUN_AS == 'ceph' ]] ; then
|
||||
sudo chown ceph. ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
|
||||
sudo chown ceph. ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/keyring
|
||||
fi
|
||||
if [[ $RUN_AS == 'ceph' ]] ; then
|
||||
sudo ceph-osd -c ${CEPH_CONF_FILE} --setuser ceph --setgroup ceph -i ${OSD_ID} --mkfs
|
||||
else
|
||||
sudo ceph-osd -c ${CEPH_CONF_FILE} -i ${OSD_ID} --mkfs
|
||||
fi
|
||||
# ceph's init script is parsing ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/
|
||||
# and looking for a file 'upstart' or 'sysinitv'
|
||||
# thanks to these 'touches' we are able to control OSDs daemons
|
||||
|
|
Loading…
Reference in New Issue