mon: only share monmap after authenticated

It is no longer necessary to fetch a monmap pre-authentication, something
we previous did for get_monmap_privately().  New code has replaced this
with get_monmap_and_config(), and it authenticates in order to get that
same information (plus configs).

That change was made in mimic, but we must support upgrades from N-2,
which means that luminous daemons still need to function.  The only caller
for get_monmap_privately() in luminous is from ceph-osd during mkfs.
Disabling this here means that new OSDs cannot be created using nautilus
mons and a luminous ceph-osd.  Include a note for the (future) nautilus
upgrade notes.

Reported-by: Christopher Ryan Harrell <harrellcr@email.arizona.edu>
Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/PendingReleaseNotes b/PendingReleaseNotes
index ae5a1b3e33cbba2a9aff964a1cb5af93ed8e9232..1742eaa6fe34f82a188188578f56ff6a6d3994db 100644 (file)
--- a/PendingReleaseNotes
+++ b/PendingReleaseNotes
@@ -36,3 +36,16 @@
 * The ``osd_heartbeat_addr`` option has been removed as it served no
   (good) purpose: the OSD should always check heartbeats on both the
   public and cluster networks.
+
+
+
+
+
+
+
+Upgrading from Luminous
+-----------------------
+
+* During the upgrade from luminous to nautilus, it will not be possible to create
+  a new OSD using a luminous ceph-osd daemon after the monitors have been
+  upgraded to nautilus.

diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 687be108770be559ee9c8933617bd37f6c9be0ad..a81f8cfc6632cca7cc62d6c69d454e03e37b2080 100644 (file)
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -4111,17 +4111,6 @@ void Monitor::dispatch_op(MonOpRequestRef op)
     case CEPH_MSG_PING:
       handle_ping(op);
       return;
-
-    /* MMonGetMap may be used by clients to obtain a monmap *before*
-     * authenticating with the monitor.  We need to handle these without
-     * checking caps because, even on a cluster without cephx, we only set
-     * session caps *after* the auth handshake.  A good example of this
-     * is when a client calls MonClient::get_monmap_privately(), which does
-     * not authenticate when obtaining a monmap.
-     */
-    case CEPH_MSG_MON_GET_MAP:
-      handle_mon_get_map(op);
-      return;
   }
 
   if (!op->get_session()->authenticated) {
@@ -4132,6 +4121,10 @@ void Monitor::dispatch_op(MonOpRequestRef op)
   }
 
   switch (op->get_req()->get_type()) {
+    case CEPH_MSG_MON_GET_MAP:
+      handle_mon_get_map(op);
+      return;
+
     case MSG_GET_CONFIG:
       configmon()->handle_get_config(op);
       return;