mon/AuthMonitor: add option to skip non-mon cap parsing

The monitor is not always the same version as the daemons, so it may
not always treat the caps the same. This parsing is also quite cpu
intensive, and is just a usability feature here - it's checked again
on the relevant daemon when the entity connects. Thus, provide an
option to disable this parsing. Leave it on by default for better
usability.

Signed-off-by: Josh Durgin <jdurgin@redhat.com>

diff --git a/src/common/options.cc b/src/common/options.cc
index 919241515b9fdf02ca1dc074f9ee0db01b46ba37..8fc58752b519b12719546e354617180228aebc65 100644 (file)
--- a/src/common/options.cc
+++ b/src/common/options.cc
@@ -2150,6 +2150,14 @@ std::vector<Option> get_global_options() {
     .add_service("mon")
     .set_description("Timeout (in seconds) for smarctl to run, default is set to 5"),
 
+    Option("mon_auth_validate_all_caps", Option::TYPE_BOOL, Option::LEVEL_ADVANCED)
+    .set_default(true)
+    .add_service("mon")
+    .set_description("Whether to parse non-monitor capabilities set by the "
+                    "'ceph auth ...' commands. Disabling this saves CPU on the "
+                    "monitor, but allows invalid capabilities to be set, and "
+                    "only be rejected later, when they are used.")
+    .set_flag(Option::FLAG_RUNTIME),
 
     // PAXOS
 

diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index 508aebc46e8074d12c612105ab6a013753d1cdb4..d6b5fe65233bdaa87aabd9aa02a4f512eddd920d 100644 (file)
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -1276,7 +1276,14 @@ bool AuthMonitor::valid_caps(
     if (!moncap.parse(caps, out)) {
       return false;
     }
-  } else if (type == "mgr") {
+    return true;
+  }
+
+  if (!g_conf().get_val<bool>("mon_auth_validate_all_caps")) {
+    return true;
+  }
+
+  if (type == "mgr") {
     MgrCap mgrcap;
     if (!mgrcap.parse(caps, out)) {
       return false;