From 983685837f2c6effa4f82b8862aa6a4200a6f8a1 Mon Sep 17 00:00:00 2001 From: Robert Choi Date: Tue, 26 Sep 2017 10:05:22 +0900 Subject: [PATCH] Glance: Fix storage-init script The new storage-init script doesn't handle the case in which the rbd pool user already exists. This PS solves the issue by improving the script. Change-Id: I22c55429d3077393b279fb784845db41a69b5469 Closes-Bug: 1719081 --- .../templates/bin/_ceph-admin-keyring.sh.tpl | 31 +++++++++++++++++++ glance/templates/bin/_ceph-keyring.sh.tpl | 4 --- glance/templates/bin/_storage-init.sh.tpl | 15 ++++++--- glance/templates/configmap-bin.yaml | 2 ++ glance/templates/job-storage-init.yaml | 9 ++---- glance/values.yaml | 2 +- 6 files changed, 47 insertions(+), 16 deletions(-) create mode 100644 glance/templates/bin/_ceph-admin-keyring.sh.tpl diff --git a/glance/templates/bin/_ceph-admin-keyring.sh.tpl b/glance/templates/bin/_ceph-admin-keyring.sh.tpl new file mode 100644 index 0000000000..f3c0a521db --- /dev/null +++ b/glance/templates/bin/_ceph-admin-keyring.sh.tpl @@ -0,0 +1,31 @@ +#!/bin/bash + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +export HOME=/tmp + +cat < /etc/ceph/ceph.client.admin.keyring +[client.admin] +{{- if .Values.conf.ceph.admin_keyring }} + key = {{ .Values.conf.ceph.admin_keyring }} +{{- else }} + key = $(cat /tmp/client-keyring) +{{- end }} +EOF + +exit 0 diff --git a/glance/templates/bin/_ceph-keyring.sh.tpl b/glance/templates/bin/_ceph-keyring.sh.tpl index aa3a3e842d..f02b294e40 100644 --- a/glance/templates/bin/_ceph-keyring.sh.tpl +++ b/glance/templates/bin/_ceph-keyring.sh.tpl @@ -21,11 +21,7 @@ export HOME=/tmp cat < /etc/ceph/ceph.client.${RBD_STORE_USER}.keyring [client.${RBD_STORE_USER}] -{{- if .Values.conf.ceph.keyring }} - key = {{ .Values.conf.ceph.keyring }} -{{- else }} key = $(cat /tmp/client-keyring) -{{- end }} EOF exit 0 diff --git a/glance/templates/bin/_storage-init.sh.tpl b/glance/templates/bin/_storage-init.sh.tpl index 91522eaba2..dd64749107 100644 --- a/glance/templates/bin/_storage-init.sh.tpl +++ b/glance/templates/bin/_storage-init.sh.tpl @@ -36,11 +36,16 @@ elif [ "x$STORAGE_BACKEND" == "xrbd" ]; then } ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} - #NOTE(Portdirect): Determine proper privs to assign keyring - ceph auth get-or-create client.${RBD_POOL_USER} \ - mon "allow *" \ - osd "allow *" \ - -o ${KEYRING} + if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then + KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/') + echo $KEYSTR > ${KEYRING} + else + #NOTE(Portdirect): Determine proper privs to assign keyring + ceph auth get-or-create client.${RBD_POOL_USER} \ + mon "allow *" \ + osd "allow *" \ + -o ${KEYRING} + fi ENCODED_KEYRING=$(sed -n 's/^[[:blank:]]*key[[:blank:]]\+=[[:blank:]]\(.*\)/\1/p' ${KEYRING} | base64 -w0) cat > ${SECRET} <