From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id C6B7D93F28 for ; Wed, 21 Feb 2024 12:55:53 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id A3A6616693 for ; Wed, 21 Feb 2024 12:55:53 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 21 Feb 2024 12:55:52 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id DE5514444D for ; Wed, 21 Feb 2024 12:55:51 +0100 (CET) Message-ID: <4fa0d7e0-c428-48e0-85ee-422aa8d26e99@proxmox.com> Date: Wed, 21 Feb 2024 12:55:50 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: Proxmox VE development discussion , Max Carrara References: <20240216145615.2301594-1-m.carrara@proxmox.com> From: Friedrich Weber In-Reply-To: <20240216145615.2301594-1-m.carrara@proxmox.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.083 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox.com, cephconfig.pm, tools.pm, ceph.pm, mon.pm] Subject: Re: [pve-devel] [PATCH v3 ceph master, ceph quincy-stable 8, pve-storage, pve-manager 00/13] Fix #4759: Configure Permissions for ceph-crash.service X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Feb 2024 11:55:53 -0000 Quickly tested the patch series on my existing Ceph Quincy cluster, did not encounter major issues -- the keyring was created and the Ceph config was rewritten accordingly. After a restart of `ceph-crash`, it correctly posts crashes (produced with `kill -n11 $(pidof ceph-osd)`) again and does not write any potentially misleading messages to the journal. Nice! Didn't have time yet to test these patches when setting up a new cluster, but I'll try to do so this week and report back. Two minor things I've noticed so far: - the `ceph-crash` service does not restart after installing the patched ceph-base package, so the reordering done by patches 02+04 does not take effect immediately: ceph-crash posts crash logs just fine, but logs to the journal that it can't find a keyring. After a restart of ceph-crash, the patch takes effect, so only a tiny inconvenience, but still: Not sure if restarting the service is something we'd want to do in a postinst -- is this an acceptable thing to do in a postinst? - Might there be issues in a mixed-version cluster scenario, so if some node A already has an updated pve-storage package (patches 05-10), but node B doesn't yet? One thing I noticed is that node A will add the [client.crash] section, but node B may remove it again when it needs to rewrite the Ceph config (e.g. when creating a monitor). I don't find this particular issue too concerning, as hopefully node B will be updated eventually as well and reinstate the [client.crash] section. But I wonder if there could be other more serious issues? On 16/02/2024 15:56, Max Carrara wrote: > This marks version 03 of the patch series "Fix #4759: Configure > Permissions for ceph-crash.service". Older versions can be found below. > > Notable changes since v2 > ------------------------ > > * The 'ceph.conf' parser in pve-storage is now equivalent to Ceph's > and even supports continued lines > * The addition of the '/etc/pve/ceph' directory has been moved into a > separate patch in order to preserve the context of its purpose in > the git history > * The debian `postinst` hook for pve-manager is now version-guarded > and uses a separate Perl helper script instead of doing everything > in BASH > > > Older Versions > -------------- > > v1: https://lists.proxmox.com/pipermail/pve-devel/2024-January/061546.html > v2: https://lists.proxmox.com/pipermail/pve-devel/2024-February/061646.html > > > > ceph (master): > > Max Carrara (2): > debian: add patch to fix ceph crash dir permissions in postinst hook > patches: add patch that reorders clients used by ceph-crash > > ...ly-adjust-permissions-of-var-lib-cep.patch | 54 +++++++++++++++++++ > ...h-crash-change-order-of-client-names.patch | 30 +++++++++++ > patches/series | 2 + > 3 files changed, 86 insertions(+) > create mode 100644 patches/0016-debian-recursively-adjust-permissions-of-var-lib-cep.patch > create mode 100644 patches/0017-ceph-crash-change-order-of-client-names.patch > > > ceph (quincy-stable-8): > > Max Carrara (2): > debian: add patch to fix ceph crash dir permissions in postinst hook > patches: add patch that reorders clients used by ceph-crash > > ...ly-adjust-permissions-of-var-lib-cep.patch | 54 +++++++++++++++++++ > ...h-crash-change-order-of-client-names.patch | 30 +++++++++++ > patches/series | 2 + > 3 files changed, 86 insertions(+) > create mode 100644 patches/0025-debian-recursively-adjust-permissions-of-var-lib-cep.patch > create mode 100644 patches/0026-ceph-crash-change-order-of-client-names.patch > > > pve-storage: > > Max Carrara (6): > cephconfig: align our parser more with Ceph's parser > cephconfig: support line-continuations in parser > cephconfig: allow writing arbitrary sections > cephconfig: change code style inside config writer > cephconfig: change order of written sections > cephconfig: remove leading whitespace on write to Ceph config > > src/PVE/CephConfig.pm | 80 +++++++++++++++++++++++++++++++------------ > 1 file changed, 58 insertions(+), 22 deletions(-) > > > pve-manager: > > Max Carrara (3): > ceph: introduce '/etc/pve/ceph' > fix #4759: ceph: configure ceph-crash.service and its key > bin/make: gather helper scripts in separate variable > > PVE/API2/Ceph.pm | 5 ++ > PVE/API2/Ceph/MON.pm | 8 ++++ > PVE/Ceph/Tools.pm | 47 +++++++++++++++++- > bin/Makefile | 6 ++- > bin/pve-init-ceph-crash | 104 ++++++++++++++++++++++++++++++++++++++++ > debian/postinst | 16 +++++++ > 6 files changed, 183 insertions(+), 3 deletions(-) > create mode 100755 bin/pve-init-ceph-crash >