OpenStack-Ansible

Fix ceph caps for manila

Bug #1925525 reported by Victoria Martinez de la Cruz on 2021-04-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Fix Released	Undecided	Victoria Martinez de la Cruz

Bug Description

Now that we issue mgr/volume commands and rados
get/put on pool with "ganesha_rados_store_pool_name"
name via a rados client, the auth ID used by the
driver/rados client would need different capabilities.

The auth ID will now require:

mon 'allow r'
mgr 'allow rw'
osd 'allow rw pool=<ganesha_rados_store_pool_name>"

The driver's auth ID does not need any MDS capability,
requires reduced MON and OSD capability, and extra write
capability for MGR.

See original description

Victoria Martinez de la Cruz (vkmc) on 2021-04-22

Changed in openstack-ansible:
assignee:	nobody → Victoria Martinez de la Cruz (vkmc)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-04-22: Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/openstack-ansible/+/787591

Changed in openstack-ansible:
status:	New → In Progress

Victoria Martinez de la Cruz (vkmc) on 2021-04-22

summary:	- Fix ceph-mgr caps for manila + Fix ceph caps for manila
description:	updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-04-26: Fix merged to openstack-ansible (master)

Reviewed: https://review.opendev.org/c/openstack/openstack-ansible/+/787591
Committed: https://opendev.org/openstack/openstack-ansible/commit/9f8c83f663b39cfbba72809f92f7eb894d96c1d0
Submitter: "Zuul (22348)"
Branch: master

commit 9f8c83f663b39cfbba72809f92f7eb894d96c1d0
Author: Victoria Martinez de la Cruz <email address hidden>
Date: Thu Apr 22 15:50:40 2021 +0000

Fix manila ceph caps

    Now that we issue mgr/volume commands and rados
    get/put on pool with "ganesha_rados_store_pool_name"
    name via a rados client, the auth ID used by the
    driver/rados client would need different capabilities.

The auth ID will now require:

    mon 'allow r'
    mgr 'allow rw'
    osd 'allow rw pool=<ganesha_rados_store_pool_name>"

    The driver's auth ID does not need any MDS capability,
    requires reduced MON and OSD capability, and extra write
    capability for MGR.

Closes-Bug: #1925525
Change-Id: Ib3015442eb4633fb208eb10af1f4150f189c3e14

Changed in openstack-ansible:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-06-15: Fix included in openstack/openstack-ansible 23.0.0.0b1

This issue was fixed in the openstack/openstack-ansible 23.0.0.0b1 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.