mgr/cephadm: use `get_auth_entity()`

- some services have hard-coded auth entity names
- some services are incorrectly using `utils.name_to_config_section()`

Signed-off-by: Michael Fritch <mfritch@suse.com>

diff --git a/src/pybind/mgr/cephadm/services/cephadmservice.py b/src/pybind/mgr/cephadm/services/cephadmservice.py
index 3f8d634f7a7a2b6fc1d3c1a5ee0eb885ee935cf2..f43c61f88bd7c4e3a5c8005eb272aa9265de4783 100644 (file)
--- a/src/pybind/mgr/cephadm/services/cephadmservice.py
+++ b/src/pybind/mgr/cephadm/services/cephadmservice.py
@@ -262,7 +262,7 @@ class MonService(CephadmService):
         # get mon. key
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get',
-            'entity': 'mon.',
+            'entity': self.get_auth_entity(name),
         })
 
         extra_config = '[mon.%s]\n' % name
@@ -347,7 +347,7 @@ class MgrService(CephadmService):
         # get mgr. key
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
-            'entity': 'mgr.%s' % mgr_id,
+            'entity': self.get_auth_entity(mgr_id),
             'caps': ['mon', 'profile mgr',
                      'osd', 'allow *',
                      'mds', 'allow *'],
@@ -432,7 +432,7 @@ class MdsService(CephadmService):
         # get mgr. key
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
-            'entity': 'mds.' + mds_id,
+            'entity': self.get_auth_entity(mds_id),
             'caps': ['mon', 'profile mds',
                      'osd', 'allow rw tag cephfs *=*',
                      'mds', 'allow'],
@@ -533,7 +533,7 @@ class RgwService(CephadmService):
     def get_keyring(self, rgw_id: str):
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
-            'entity': f"{utils.name_to_config_section('rgw')}.{rgw_id}",
+            'entity': self.get_auth_entity(rgw_id),
             'caps': ['mon', 'allow *',
                      'mgr', 'allow rw',
                      'osd', 'allow rwx'],
@@ -666,7 +666,7 @@ class RbdMirrorService(CephadmService):
 
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
-            'entity': 'client.rbd-mirror.' + daemon_id,
+            'entity': self.get_auth_entity(daemon_id),
             'caps': ['mon', 'profile rbd-mirror',
                      'osd', 'profile rbd'],
         })
@@ -685,7 +685,7 @@ class CrashService(CephadmService):
 
         ret, keyring, err = self.mgr.check_mon_command({
             'prefix': 'auth get-or-create',
-            'entity': 'client.crash.' + host,
+            'entity': self.get_auth_entity(daemon_id, host=host),
             'caps': ['mon', 'profile crash',
                      'mgr', 'profile crash'],
         })

diff --git a/src/pybind/mgr/cephadm/services/nfs.py b/src/pybind/mgr/cephadm/services/nfs.py
index ac2d525ee3f60c76eb3ae87eaf95de7334999b21..ed3e0c393f2f4b503bcf583734f1e05aa0751712 100644 (file)
--- a/src/pybind/mgr/cephadm/services/nfs.py
+++ b/src/pybind/mgr/cephadm/services/nfs.py
@@ -51,7 +51,7 @@ class NFSService(CephadmService):
 
         # create the keyring
         user = f'{daemon_type}.{daemon_id}'
-        entity = utils.name_to_config_section(user)
+        entity = self.get_auth_entity(daemon_id)
         keyring = self.get_or_create_keyring(entity)
 
         # update the caps after get-or-create, the keyring might already exist!