diff --git a/ceph/templates/bin/mon/_start.sh.tpl b/ceph/templates/bin/mon/_start.sh.tpl index 451eeb26e9..24b6ed8e21 100644 --- a/ceph/templates/bin/mon/_start.sh.tpl +++ b/ceph/templates/bin/mon/_start.sh.tpl @@ -68,9 +68,11 @@ get_mon_config # If we don't have a monitor keyring, this is a new monitor if [ ! -e "${MON_DATA_DIR}/keyring" ]; then - if [ ! -e ${MON_KEYRING} ]; then - echo "ERROR- ${MON_KEYRING} must exist. You can extract it from your current monitor by running 'ceph auth get mon. -o ${MON_KEYRING}' or use a KV Store" + if [ ! -e ${MON_KEYRING}.seed ]; then + echo "ERROR- ${MON_KEYRING}.seed must exist. You can extract it from your current monitor by running 'ceph auth get mon. -o ${MON_KEYRING}' or use a KV Store" exit 1 + else + cp -vf ${MON_KEYRING}.seed ${MON_KEYRING} fi if [ ! -e ${MONMAP} ]; then diff --git a/ceph/templates/daemonset-mon.yaml b/ceph/templates/daemonset-mon.yaml index 022052d126..a0354cd4e2 100644 --- a/ceph/templates/daemonset-mon.yaml +++ b/ceph/templates/daemonset-mon.yaml @@ -161,21 +161,21 @@ spec: subPath: ceph.client.admin.keyring readOnly: true - name: ceph-mon-keyring - mountPath: /etc/ceph/ceph.mon.keyring + mountPath: /etc/ceph/ceph.mon.keyring.seed subPath: ceph.mon.keyring - readOnly: false + readOnly: true - name: ceph-bootstrap-osd-keyring mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring subPath: ceph.keyring - readOnly: false + readOnly: true - name: ceph-bootstrap-mds-keyring mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring subPath: ceph.keyring - readOnly: false + readOnly: true - name: ceph-bootstrap-rgw-keyring mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring subPath: ceph.keyring - readOnly: false + readOnly: true - name: pod-var-lib-ceph mountPath: /var/lib/ceph readOnly: false