From: "Max R. Carrara" <m.carrara@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-manager master v1 5/6] bin: make pve-init-ceph-crash call pve-ceph-keyring
Date: Tue, 16 Sep 2025 19:20:06 +0200 [thread overview]
Message-ID: <20250916172012.739807-6-m.carrara@proxmox.com> (raw)
In-Reply-To: <20250916172012.739807-1-m.carrara@proxmox.com>
Support 'client.crash' in the new `pve-ceph-keyring` helper and let
`pve-init-ceph-crash` call `pve-ceph-keyring`.
This avoids having duplicate logic lying around and retains the
original behavior, except that the log output is slightly different.
Signed-off-by: Max R. Carrara <m.carrara@proxmox.com>
---
PVE/Ceph/Tools.pm | 2 +-
bin/pve-ceph-keyring | 4 ++
bin/pve-init-ceph-crash | 152 +---------------------------------------
3 files changed, 7 insertions(+), 151 deletions(-)
diff --git a/PVE/Ceph/Tools.pm b/PVE/Ceph/Tools.pm
index b6430f79..dd146f6d 100644
--- a/PVE/Ceph/Tools.pm
+++ b/PVE/Ceph/Tools.pm
@@ -537,7 +537,7 @@ my sub create_or_update_keyring_file {
return 0;
}
-# is also used in `pve-init-ceph-crash` helper
+# is also used in `pve-ceph-keyring` helper
sub create_or_update_crash_keyring_file {
my ($rados) = @_;
diff --git a/bin/pve-ceph-keyring b/bin/pve-ceph-keyring
index 9d6e89d4..cf15776a 100755
--- a/bin/pve-ceph-keyring
+++ b/bin/pve-ceph-keyring
@@ -15,6 +15,10 @@ my $CEPH_CFG_FILE_PATH = PVE::Ceph::Tools::get_config('pve_ceph_cfgpath');
my $KEYRING_PATH = '/etc/pve/ceph/$cluster.$name.keyring';
my $SUPPORTED_ENTITIES = {
+ 'client.crash' => {
+ 'keyring-func' => \&PVE::Ceph::Tools::create_or_update_crash_keyring_file,
+ 'keyring-path' => PVE::Ceph::Tools::get_config('pve_ceph_crash_key_path'),
+ },
'client.exporter' => {
'keyring-func' => \&PVE::Ceph::Tools::create_or_update_exporter_keyring_file,
'keyring-path' => PVE::Ceph::Tools::get_config('pve_ceph_exporter_key_path'),
diff --git a/bin/pve-init-ceph-crash b/bin/pve-init-ceph-crash
index d25201d9..8945ed88 100755
--- a/bin/pve-init-ceph-crash
+++ b/bin/pve-init-ceph-crash
@@ -1,151 +1,3 @@
-#!/usr/bin/perl
+#!/bin/bash
-use strict;
-use warnings;
-
-use List::Util qw(first);
-
-use PVE::Ceph::Tools;
-use PVE::Cluster;
-use PVE::RADOS;
-use PVE::RPCEnvironment;
-
-my $ceph_cfg_file = 'ceph.conf';
-my $keyring_value = '/etc/pve/ceph/$cluster.$name.keyring';
-
-sub try_adapt_cfg {
- my ($cfg) = @_;
-
- my $entity = 'client.crash';
- my $removed_key = 0;
-
- print("Checking whether the configuration for '$entity' needs to be updated.\n");
-
- my $add_keyring = sub {
- print("Setting keyring path to '$keyring_value'.\n");
- $cfg->{$entity}->{keyring} = $keyring_value;
- };
-
- if (!exists($cfg->{$entity})) {
- print("Adding missing section for '$entity'.\n");
- $add_keyring->();
- return 1;
- }
-
- if (exists($cfg->{$entity}->{key})) {
- print("Removing existing usage of key.\n");
- delete($cfg->{$entity}->{key});
- $removed_key = 1;
- }
-
- if (!exists($cfg->{$entity}->{keyring})) {
- print("Keyring path is missing from configuration.\n");
- $add_keyring->();
- return 1;
- }
-
- my $current_keyring_value = $cfg->{$entity}->{keyring};
- if ($current_keyring_value ne $keyring_value) {
- print("Current keyring path differs from expected path.\n");
- $add_keyring->();
- return 1;
- }
-
- return $removed_key;
-}
-
-sub main {
- # PVE::RADOS expects an active RPC Environment because it forks itself
- # and may want to clean up after
- my $rpcenv = PVE::RPCEnvironment->setup_default_cli_env();
-
- if (!PVE::Ceph::Tools::check_ceph_installed('ceph_bin', 1)) {
- print("Ceph is not installed. No action required.\n");
- exit 0;
- }
-
- my $ceph_cfg_path = PVE::Ceph::Tools::get_config('pve_ceph_cfgpath');
- if (PVE::Ceph::Tools::check_ceph_installed('ceph_mon', 1) && -f $ceph_cfg_path) {
- my $pve_ceph_cfgdir = PVE::Ceph::Tools::get_config('pve_ceph_cfgdir');
- if (!-d $pve_ceph_cfgdir) {
- File::Path::make_path($pve_ceph_cfgdir);
- }
- }
-
- eval { PVE::Ceph::Tools::check_ceph_inited(); };
- if ($@) {
- print("Ceph is not initialized. No action required.\n");
- exit 0;
- }
-
- my $rados = eval { PVE::RADOS->new() };
- my $ceph_crash_key_path = PVE::Ceph::Tools::get_config('pve_ceph_crash_key_path');
-
- my $inner_err = '';
-
- my $rval = PVE::Cluster::cfs_lock_file(
- $ceph_cfg_file,
- undef,
- sub {
- eval {
- my $cfg = PVE::Cluster::cfs_read_file($ceph_cfg_file);
-
- if (!defined($rados)) {
- my $has_mon_host =
- defined($cfg->{global}) && defined($cfg->{global}->{mon_host});
- if ($has_mon_host && $cfg->{global}->{mon_host} ne '') {
- die "Connection to RADOS failed even though a monitor is configured.\n"
- . "Please verify whether your configuration in '$ceph_cfg_file' is correct.\n";
- }
-
- print(
- "Connection to RADOS failed and no monitor is configured in '$ceph_cfg_file'.\n"
- . "Assuming that things are fine. No action required.\n");
- return;
- }
-
- my $updated_keyring =
- PVE::Ceph::Tools::create_or_update_crash_keyring_file($rados);
-
- if ($updated_keyring) {
- print("Keyring file '$ceph_crash_key_path' was updated.\n");
- }
-
- my $changed = try_adapt_cfg($cfg);
-
- if ($changed) {
- print("Committing updated configuration to '$ceph_cfg_file'.\n");
- PVE::Cluster::cfs_write_file($ceph_cfg_file, $cfg);
- print("Successfully updated configuration for 'ceph-crash.service'.\n");
- } else {
- print("Configuration in '$ceph_cfg_file' does not need to be updated.\n");
- }
- };
- $inner_err = $@;
-
- return 1;
- },
- );
-
- # cfs_lock_file sets $@ explicitly to undef
- my $err = $@ // '';
-
- my $has_err = !defined($rval) || $inner_err || $err;
-
- if ($has_err) {
- $err =~ s/\n*$//;
- $inner_err =~ s/\n*$//;
-
- if (!defined($rval)) {
- warn("Error while acquiring or releasing lock for '$ceph_cfg_file'.\n");
- warn("Error: $err\n") if $err ne '';
- }
-
- warn("Failed to configure keyring for 'ceph-crash.service'.\nError: $inner_err\n")
- if $inner_err ne '';
-
- exit 1;
- }
-}
-
-main();
+/usr/share/pve-manager/helpers/pve-ceph-keyring --init client.crash
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-09-16 17:21 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-16 17:20 [pve-devel] [PATCH pve-manager, ceph master v1 0/6] Fix #6816: Prevent ceph-exporter Daemon from Crashing on Starting Max R. Carrara
2025-09-16 17:20 ` [pve-devel] [PATCH pve-manager master v1 1/6] ceph: tools: add helper sub for creating or updating keyring files Max R. Carrara
2025-09-16 17:20 ` [pve-devel] [PATCH pve-manager master v1 2/6] fix #6816: api: ceph: create 'client.exporter' w/ keyring Max R. Carrara
2025-09-16 17:20 ` [pve-devel] [PATCH pve-manager master v1 3/6] fix #6816: bin: add pve-ceph-keyring helper and call it in postinst Max R. Carrara
2025-09-16 17:20 ` [pve-devel] [PATCH pve-manager master v1 4/6] ceph: tools: simplify helper sub for crash keyring file Max R. Carrara
2025-09-16 17:20 ` Max R. Carrara [this message]
2025-09-16 17:20 ` [pve-devel] [PATCH ceph master v1 6/6] fix #6816: patches: make ceph-exporter use custom keyring Max R. Carrara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250916172012.739807-6-m.carrara@proxmox.com \
--to=m.carrara@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox