ceph-client: Use profile rbd in keyring caps

author Dimitri Savineau <dsavinea@redhat.com>

Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)

committer Dimitri Savineau <savineau.dimitri@gmail.com>

Wed, 28 Aug 2019 13:42:33 +0000 (09:42 -0400)
author Dimitri Savineau <dsavinea@redhat.com>
Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)
committer Dimitri Savineau <savineau.dimitri@gmail.com>
Wed, 28 Aug 2019 13:42:33 +0000 (09:42 -0400)
diff --git a/group_vars/clients.yml.sample b/group_vars/clients.yml.sample

index 34926b2027a7c1345e3df851b33dcd29e13af366..33ab334995ff62d89db312b8d020e54e2435be15 100644 (file)
--- a/group_vars/clients.yml.sample
+++ b/group_vars/clients.yml.sample
@@ -50,6 +50,6 @@ dummy:
  # - { name: client.test, key: "AQAin8tUMICVFBAALRHNrV0Z4MXupRw4v9JQ6Q==" ...
  
  #keys:
-#  - { name: client.test, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
-#  - { name: client.test2, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
+#  - { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
+#  - { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
  
diff --git a/roles/ceph-client/defaults/main.yml b/roles/ceph-client/defaults/main.yml

index 35a5f6976ae5d28d5b1ad6e309442da552af2594..73c03f9267e2582c8428c92559a03a0ef67f0fe3 100644 (file)
--- a/roles/ceph-client/defaults/main.yml
+++ b/roles/ceph-client/defaults/main.yml
@@ -42,5 +42,5 @@ pools:
  # - { name: client.test, key: "AQAin8tUMICVFBAALRHNrV0Z4MXupRw4v9JQ6Q==" ...
  
  keys:
-  - { name: client.test, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
-  - { name: client.test2, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
+  - { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
+  - { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
author	Dimitri Savineau <dsavinea@redhat.com>
	Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)
committer	Dimitri Savineau <savineau.dimitri@gmail.com>
	Wed, 28 Aug 2019 13:42:33 +0000 (09:42 -0400)
group_vars/clients.yml.sample		patch \| blob \| history
roles/ceph-client/defaults/main.yml		patch \| blob \| history