From: Aaron Lauterer <a.lauterer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH v3 storage 1/2] CephConfig: add optional $secret parameter
Date: Thu, 26 Aug 2021 12:03:31 +0200 [thread overview]
Message-ID: <20210826100332.2003299-2-a.lauterer@proxmox.com> (raw)
In-Reply-To: <20210826100332.2003299-1-a.lauterer@proxmox.com>
This allows us to manually pass the used RBD keyring or CephFS secret.
Useful mostly when adding external Ceph clusters where we have no other
means to fetch them.
I renamed the previous $secret to $cephfs_secret to be able to use
$secret as parameter.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
changes since v2: rebased on the current master branch
PVE/CephConfig.pm | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/PVE/CephConfig.pm b/PVE/CephConfig.pm
index 83d72fc..5c94a04 100644
--- a/PVE/CephConfig.pm
+++ b/PVE/CephConfig.pm
@@ -212,7 +212,7 @@ sub ceph_connect_option {
}
sub ceph_create_keyfile {
- my ($type, $storeid) = @_;
+ my ($type, $storeid, $secret) = @_;
my $extension = 'keyring';
$extension = 'secret' if ($type eq 'cephfs');
@@ -221,17 +221,20 @@ sub ceph_create_keyfile {
my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
die "ceph authx keyring file for storage '$storeid' already exists!\n"
- if -e $ceph_storage_keyring;
+ if -e $ceph_storage_keyring && !defined($secret);
- if (-e $ceph_admin_keyring) {
+ if (-e $ceph_admin_keyring || defined($secret)) {
eval {
- if ($type eq 'rbd') {
+ if (defined($secret)) {
+ mkdir '/etc/pve/priv/ceph';
+ PVE::Tools::file_set_contents($ceph_storage_keyring, $secret, 0400);
+ } elsif ($type eq 'rbd') {
mkdir '/etc/pve/priv/ceph';
PVE::Tools::file_copy($ceph_admin_keyring, $ceph_storage_keyring);
} elsif ($type eq 'cephfs') {
- my $secret = $ceph_get_key->($ceph_admin_keyring, 'admin');
+ my $cephfs_secret = $ceph_get_key->($ceph_admin_keyring, 'admin');
mkdir '/etc/pve/priv/ceph';
- PVE::Tools::file_set_contents($ceph_storage_keyring, $secret, 0400);
+ PVE::Tools::file_set_contents($ceph_storage_keyring, $cephfs_secret, 0400);
}
};
if (my $err = $@) {
--
2.30.2
next prev parent reply other threads:[~2021-08-26 10:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-26 10:03 [pve-devel] [PATCH v3 storage 0/2] RBD/Cephfs: new keyring parameter Aaron Lauterer
2021-08-26 10:03 ` Aaron Lauterer [this message]
2021-08-26 10:03 ` [pve-devel] [PATCH v3 storage 2/2] Ceph: add keyring parameter for external clusters Aaron Lauterer
2021-08-26 16:17 ` [pve-devel] applied-series: Re: [PATCH v3 storage 0/2] RBD/Cephfs: new keyring parameter Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210826100332.2003299-2-a.lauterer@proxmox.com \
--to=a.lauterer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal