return (secrets.find(name) != secrets.end());
}
+ void clear_secrets() {
+ secrets.clear();
+ }
+
void add_auth(const EntityName& name, EntityAuth& auth) {
secrets[name] = auth;
}
}
};
+ void bootstrap_keyring(KeyRing& keyring) {
+ secrets = keyring.get_keys();
+ }
+
void apply_incremental(Incremental& inc) {
switch (inc.op) {
case AUTH_INC_ADD:
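Review bot: `secrets = keyring.get_keys();` in the added bootstrap_keyring() replaces the whole map, so any entry already held in `secrets` is dropped without notice. If this is meant only for the pre-quorum bootstrap, say so above the function, for example `// bootstrap only: replaces every secret with the contents of the mkfs keyring; call before any paxos state is applied`. If get_keys() is a const accessor (not visible here), the parameter could also be `const KeyRing&`. The enclosing struct starts outside this hunk.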
return data.version;
}
+ void clear_secrets() {
+ data.clear_secrets();
+ }
+
void apply_data_incremental(KeyServerData::Incremental& inc) {
data.apply_incremental(inc);
}
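Review bot: The added KeyServer::clear_secrets() mutates `data` without taking `lock`, and nothing says whether the caller must hold it; the same applies to the KeyServer::bootstrap_keyring() wrapper added in the next hunk. The class exposes the mutex through get_lock(), and the neighbouring apply_data_incremental() is also unlocked, so the convention cannot be read from these lines. Because both calls swap out the entire set of authentication secrets, state the contract in a comment on each, e.g. `// caller must hold lock` or `// only called during init/paxos update, before any reader can run`, whichever is true.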
Mutex& get_lock() const { return lock; }
bool get_service_caps(const EntityName& name, uint32_t service_id,
AuthCapsInfo& caps) const;
+
+ void bootstrap_keyring(KeyRing& keyring) {
+ data.bootstrap_keyring(keyring);
+ }
+
};
WRITE_CLASS_ENCODER(KeyServer);
bool success = paxos->read(keys_ver+1, bl);
assert(success);
+ // reset if we are moving to initial state. we will normally have
+ // keys in here temporarily for bootstrapping that we need to
+ // clear out.
+ if (keys_ver == 0)
+ mon->key_server.clear_secrets();
+
bufferlist::iterator p = bl.begin();
__u8 v;
::decode(v, p);
for (vector<PaxosService*>::iterator ps = paxos_service.begin(); ps != paxos_service.end(); ps++)
(*ps)->update_from_paxos();
+ // we need to bootstrap authentication keys so we can form an
+ // initial quorum.
+ if (authmon()->paxos->get_version() == 0) {
+ dout(10) << "loading initial keyring to bootstrap authentication for mkfs" << dendl;
+ bufferlist bl;
+ store->get_bl_ss(bl, "mkfs", "keyring");
+ KeyRing keyring;
+ bufferlist::iterator p = bl.begin();
+ ::decode(keyring, p);
+ key_server.bootstrap_keyring(keyring);
+ }
+
// i'm ready!
messenger->add_dispatcher_tail(this);
messenger->add_dispatcher_head(&clog);
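Review bot: The result of `store->get_bl_ss(bl, "mkfs", "keyring")` is not checked before `::decode(keyring, p)`, so a missing or truncated keyring entry reaches the decoder as an empty or short buffer. How decode reacts is not visible here; if it throws, the monitor would presumably fail at startup with no message pointing at the keyring. A guard such as `if (bl.length() == 0) { dout(0) << "mkfs keyring missing, cannot bootstrap auth" << dendl; }` that skips the decode would help, and a malformed keyring should be reported rather than left to propagate. The enclosing function starts and ends outside the hunk, so the right failure path (return or abort) has to be chosen there.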
::encode(keyring, keyringbl);
store->put_bl_ss(keyringbl, "mkfs", "keyring");
-
- // do it
- for (vector<PaxosService*>::iterator p = paxos_service.begin(); p != paxos_service.end(); p++) {
- PaxosService *svc = *p;
- if (!svc)
- continue;
- dout(10) << "initializing " << svc->get_machine_name() << dendl;
- svc->paxos->init();
- svc->create_pending();
- svc->create_initial();
- // commit to paxos
- bufferlist bl;
- svc->encode_pending(bl);
- store->put_bl_sn(bl, svc->get_machine_name(), 1);
- store->put_int(1, svc->get_machine_name(), "first_committed");
- store->put_int(1, svc->get_machine_name(), "last_committed");
- }
-
return 0;
}