ceph-client: Use profile rbd in keyring caps

author Dimitri Savineau <dsavinea@redhat.com>

Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)

committer Guillaume Abrioux <gabrioux@redhat.com>

Tue, 27 Aug 2019 18:52:23 +0000 (20:52 +0200)
author Dimitri Savineau <dsavinea@redhat.com>
Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)
committer Guillaume Abrioux <gabrioux@redhat.com>
Tue, 27 Aug 2019 18:52:23 +0000 (20:52 +0200)
diff --git a/group_vars/clients.yml.sample b/group_vars/clients.yml.sample

index f1c8132a8a3465b49614de451476710879794d6e..f98167a3a55a4bc7f004754bc197b4dfac6c21a0 100644 (file)
--- a/group_vars/clients.yml.sample
+++ b/group_vars/clients.yml.sample
@@ -54,7 +54,8 @@ dummy:
  # - { name: client.test, key: "AQAin8tUMICVFBAALRHNrV0Z4MXupRw4v9JQ6Q==" ...
  
  #keys:
-#  - { name: client.test, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
-#  - { name: client.test2, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
+#  - { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
+#  - { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
  
  #ceph_nfs_ceph_user: { name: client.rgw.nfs0, key: 'SECRET==', caps: { mon: "allow rw", osd: "allow rwx" }, mode: "{{ ceph_keyring_permissions }}" }
+
diff --git a/group_vars/osds.yml.sample b/group_vars/osds.yml.sample

index 6c3e114d5b4112001cf1d4709d1b2338f846741b..255a61f4ad9fb1c28b5907bdf1adf08a602f49f0 100644 (file)
--- a/group_vars/osds.yml.sample
+++ b/group_vars/osds.yml.sample
@@ -163,3 +163,4 @@ dummy:
  
  #nb_retry_wait_osd_up: 60
  #delay_wait_osd_up: 10
+
diff --git a/roles/ceph-client/defaults/main.yml b/roles/ceph-client/defaults/main.yml

index 1045f2fc6d0c7efcc95453e9b0e4f737ae2df9bf..c210b51b73adc0de5d3689b69f430092b3d0d0a4 100644 (file)
--- a/roles/ceph-client/defaults/main.yml
+++ b/roles/ceph-client/defaults/main.yml
@@ -46,7 +46,7 @@ pools:
  # - { name: client.test, key: "AQAin8tUMICVFBAALRHNrV0Z4MXupRw4v9JQ6Q==" ...
  
  keys:
-  - { name: client.test, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
-  - { name: client.test2, caps: { mon: "allow r", osd: "allow class-read object_prefix rbd_children, allow rwx pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
+  - { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" },  mode: "{{ ceph_keyring_permissions }}" }
+  - { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" },  mode: "{{ ceph_keyring_permissions }}" }
  
  #ceph_nfs_ceph_user: { name: client.rgw.nfs0, key: 'SECRET==', caps: { mon: "allow rw", osd: "allow rwx" }, mode: "{{ ceph_keyring_permissions }}" }
author	Dimitri Savineau <dsavinea@redhat.com>
	Mon, 26 Aug 2019 19:35:19 +0000 (15:35 -0400)
committer	Guillaume Abrioux <gabrioux@redhat.com>
	Tue, 27 Aug 2019 18:52:23 +0000 (20:52 +0200)
group_vars/clients.yml.sample		patch \| blob \| history
group_vars/osds.yml.sample		patch \| blob \| history
roles/ceph-client/defaults/main.yml		patch \| blob \| history