def get_dmcrypt_key(
_uuid,
key_dir,
- luks,
- cluster
+ luks
):
-
legacy_path = get_dmcrypt_key_path(_uuid, key_dir, luks)
if os.path.exists(legacy_path):
return (legacy_path,)
key, stderr, ret = command(
[
'ceph',
- '--cluster',
- cluster,
'--name',
'client.osd-lockbox.' + osd_uuid,
'--keyring',
self.osd_dm_key = get_dmcrypt_key(
self.get_uuid(), self.args.dmcrypt_key_dir,
- False, self.args.cluster)
+ False)
def set_variables_ptype(self):
self.ptype_map = PTYPE['plain']
self.osd_dm_key = get_dmcrypt_key(
self.get_uuid(), self.args.dmcrypt_key_dir,
- True, self.args.cluster)
+ True)
def set_variables_ptype(self):
self.ptype_map = PTYPE['luks']
'ceph',
'--name', 'client.bootstrap-osd',
'--keyring', bootstrap,
- '--cluster',
- cluster,
'config-key',
'put',
'dm-crypt/osd/' + self.args.osd_uuid + '/luks',
'ceph',
'--name', 'client.bootstrap-osd',
'--keyring', bootstrap,
- '--cluster',
- cluster,
'auth',
'get-or-create',
'client.osd-lockbox.' + self.args.osd_uuid,
return None
-def dmcrypt_map(dev, dmcrypt_key_dir, cluster):
+def dmcrypt_map(dev, dmcrypt_key_dir):
ptype = get_partition_type(dev)
if ptype in Ptype.get_ready_by_type('plain'):
luks = False
raise Error('--dmcrypt called for dev %s with invalid ptype %s'
% (dev, ptype))
part_uuid = get_partition_uuid(dev)
- dmcrypt_key = get_dmcrypt_key(part_uuid, dmcrypt_key_dir, luks, cluster)
+ dmcrypt_key = get_dmcrypt_key(part_uuid, dmcrypt_key_dir, luks)
return _dmcrypt_map(
rawdev=dev,
key=dmcrypt_key,
init,
dmcrypt,
dmcrypt_key_dir,
- cluster,
reactivate=False,
):
if dmcrypt:
part_uuid = get_partition_uuid(dev)
- dev = dmcrypt_map(dev, dmcrypt_key_dir, cluster)
+ dev = dmcrypt_map(dev, dmcrypt_key_dir)
try:
fstype = detect_fstype(dev=dev)
except (subprocess.CalledProcessError,
init=args.mark_init,
dmcrypt=args.dmcrypt,
dmcrypt_key_dir=args.dmcrypt_key_dir,
- cluster=args.cluster,
reactivate=args.reactivate,
)
osd_data = get_mount_point(cluster, osd_id)
])
-def _remove_lockbox(uuid, cluster):
+def _remove_lockbox(uuid):
command([
'ceph',
'auth',
])
command([
'ceph',
- '--cluster',
- cluster,
'config-key',
'del',
'dm-crypt/osd/' + uuid + '/luks',
unmap = False
else:
dmcrypt_path = dmcrypt_map(partition['path'],
- args.dmcrypt_key_dir,
- args.cluster)
+ args.dmcrypt_key_dir)
unmap = True
list_dev_osd(dmcrypt_path, {}, partition)
if unmap:
for name in Space.NAMES:
if target_dev.get(name + '_uuid'):
dmcrypt_unmap(target_dev[name + '_uuid'])
- _remove_lockbox(target_dev['uuid'], args.cluster)
+ _remove_lockbox(target_dev['uuid'])
# Check zap flag. If we found zap flag, we need to find device for
# destroy this osd data.
dev = None
with activate_lock:
if args.dmcrypt:
- dev = dmcrypt_map(args.dev, args.dmcrypt_key_dir, args.cluster)
+ dev = dmcrypt_map(args.dev, args.dmcrypt_key_dir)
else:
dev = args.dev
# FIXME: For an encrypted journal dev, does this return the
init=args.mark_init,
dmcrypt=args.dmcrypt,
dmcrypt_key_dir=args.dmcrypt_key_dir,
- cluster=args.cluster,
reactivate=args.reactivate,
)
activate_key_template=args.activate_key_template,
init=args.mark_init,
dmcrypt=False,
- cluster=args.cluster,
dmcrypt_key_dir='',
)
start_daemon(
projects / ceph.git / commitdiff