git.apps.os.sepia.ceph.com Git - ceph-ansible.git/commit

author	Guillaume Abrioux <gabrioux@redhat.com>
	Fri, 12 Mar 2021 15:27:12 +0000 (16:27 +0100)
committer	Guillaume Abrioux <gabrioux@redhat.com>
	Wed, 31 Mar 2021 19:52:07 +0000 (21:52 +0200)
commit	2db2208e406df83806c264207e7df90623add154
tree	368816e2d9cb62cd789a7a0b5943d6eaab523517	tree \| snapshot
parent	b60c61ce450db5b755744c491b4dfd1ce70fb124	commit \| diff

nfs: set idmap config for Ceph-NFS

Currently NFS Ganesha (ceph-nfs) consumes /etc/idmapd.conf, which
controls mapping of user/owner identities under NFSv4+. With
containerized service deployment, this file is an immutable part of the
container image and cannot be modified.

Here we provide group variables, and a taskk and templates for the
ceph-nfs role, to set the path of the idmap configuration file and
to make the most common adjustment to the contents of that file --
namely to set the 'Domain'. We default the path to /etc/ganesha/idmap.conf
so that we will not conflict with /etc/idmapd.conf on the controller nodes
where ganesha runs. NFSv4 clients, as used for example by the Cinder NFS
driver, consume /etc/idmapd.conf and may require different settings than
what is wanted for NFS Ganesha. Additionally, because we already bind
/etc/ganesha from the host into the ceph-nfs container, the file NFS
Ganesha consumes will no longer be an immutable part of the container.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1925646
Signed-off-by: Tom Barron tpb@dyncloud.net
Co-Authored-by: Guillaume Abrioux <gabrioux@redhat.com>

group_vars/nfss.yml.sample		diff \| blob \| history
roles/ceph-nfs/defaults/main.yml		diff \| blob \| history
roles/ceph-nfs/tasks/start_nfs.yml		diff \| blob \| history
roles/ceph-nfs/templates/ganesha.conf.j2		diff \| blob \| history
roles/ceph-nfs/templates/idmap.conf.j2	[new file with mode: 0644]	blob