yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rbd: support auth=none if pveceph-managed

Browse Source 
preserve the old behaviour of selecting auth_supported based on the
existence of the keyring, but limit it to external clusters.

this allows switching 'auth XXX required' in the pveceph-managed
ceph.conf while still automatically copying the keyring when adding a
storage.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler
2017-09-11 12:31:06 +02:00
committed by Wolfgang Bumiller
parent e3cba8b22e
commit 79127fb5c7
1 changed files with 4 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
PVE/Storage/RBDPlugin.pm
View File

@ -53,14 +53,12 @@ my $build_cmd = sub {
push @$cmd, '-c', $pveceph_config; push @$cmd, '-c', $pveceph_config;
} else { } else {
push @$cmd, '-m', $hostlist->($scfg->{monhost}, ','); push @$cmd, '-m', $hostlist->($scfg->{monhost}, ',');
push @$cmd, '--auth_supported', -e $keyring ? 'cephx' : 'none';
} }
if (-e $keyring) { if (-e $keyring) {
push @$cmd, '-n', "client.$username"; push @$cmd, '-n', "client.$username";
push @$cmd, '--keyring', $keyring; push @$cmd, '--keyring', $keyring;
push @$cmd, '--auth_supported', 'cephx';
} else {
push @$cmd, '--auth_supported', 'none';
} }
my $cephconfig = "/etc/pve/priv/ceph/${storeid}.conf"; my $cephconfig = "/etc/pve/priv/ceph/${storeid}.conf";
@ -308,6 +306,7 @@ sub path {
my $path = "rbd:$pool/$name"; my $path = "rbd:$pool/$name";
my $pveceph_managed = !defined($scfg->{monhost}); my $pveceph_managed = !defined($scfg->{monhost});
my $keyring = "/etc/pve/priv/ceph/${storeid}.keyring";
if ($pveceph_managed) { if ($pveceph_managed) {
$path .= ":conf=$pveceph_config"; $path .= ":conf=$pveceph_config";
@ -315,15 +314,10 @@ sub path {
my $monhost = $hostlist->($scfg->{monhost}, ';'); my $monhost = $hostlist->($scfg->{monhost}, ';');
$monhost =~ s/:/\\:/g; $monhost =~ s/:/\\:/g;
$path .= ":mon_host=$monhost"; $path .= ":mon_host=$monhost";
$path .= -e $keyring ? ":auth_supported=cephx" : ":auth_supported=none";
} }
my $keyring = "/etc/pve/priv/ceph/${storeid}.keyring"; $path .= ":id=$username:keyring=$keyring" if -e $keyring;
if (-e $keyring) {
$path .= ":id=$username:auth_supported=cephx:keyring=$keyring";
} else {
$path .= ":auth_supported=none";
}
my $cephconfig = "/etc/pve/priv/ceph/${storeid}.conf"; my $cephconfig = "/etc/pve/priv/ceph/${storeid}.conf";