ceph: put client keyrings in /etc/ceph/ceph.$name.keyring

And make it world readable, for ubuntu's sake.

Signed-off-by: Sage Weil <sage@inktank.com>

diff --git a/teuthology/misc.py b/teuthology/misc.py
index 148ce7d42820d9ba99b51a3f01c4cca15c54d100..9d5918e97365c7305c3ac02b84138883ef26fdee 100644 (file)
--- a/teuthology/misc.py
+++ b/teuthology/misc.py
@@ -543,6 +543,9 @@ def reconnect(ctx, timeout):
 
 def write_secret_file(ctx, remote, role, filename):
     testdir = get_testdir(ctx)
+    keyring = '{tdir}/data/{role}.keyring'.format(tdir=testdir, role=role)
+    if role.startswith('client.'):
+        keyring = '/etc/ceph/ceph.{role}.keyring'.format(role=role)
     remote.run(
         args=[
             '{tdir}/enable-coredump'.format(tdir=testdir),
@@ -551,7 +554,7 @@ def write_secret_file(ctx, remote, role, filename):
             'ceph-authtool',
             '--name={role}'.format(role=role),
             '--print-key',
-            '{tdir}/data/{role}.keyring'.format(tdir=testdir, role=role),
+            keyring,
             run.Raw('>'),
             filename,
             ],

diff --git a/teuthology/task/ceph.py b/teuthology/task/ceph.py
index b2aa944d2911293139b6ecbfead20ecd2c1704bf..b2840ecebf7527955454a8233545657bb63decbc 100644 (file)
--- a/teuthology/task/ceph.py
+++ b/teuthology/task/ceph.py
@@ -622,17 +622,24 @@ def cluster(ctx, config):
     clients = ctx.cluster.only(teuthology.is_type('client'))
     for remote, roles_for_host in clients.remotes.iteritems():
         for id_ in teuthology.roles_of_type(roles_for_host, 'client'):
+            client_keyring = '/etc/ceph/ceph.client.{id}.keyring'.format(id=id_)
             remote.run(
                 args=[
                     '{tdir}/enable-coredump'.format(tdir=testdir),
                     'ceph-coverage',
                     coverage_dir,
+                    'sudo',
                     'ceph-authtool',
                     '--create-keyring',
                     '--gen-key',
                     # TODO this --name= is not really obeyed, all unknown "types" are munged to "client"
                     '--name=client.{id}'.format(id=id_),
-                    '{tdir}/data/client.{id}.keyring'.format(tdir=testdir, id=id_),
+                    client_keyring,
+                    run.Raw('&&'),
+                    'sudo',
+                    'chmod',
+                    '0644',
+                    client_keyring,
                     ],
                 )
 
@@ -640,7 +647,7 @@ def cluster(ctx, config):
     keys_fp = StringIO()
     keys = []
     for remote, roles_for_host in ctx.cluster.remotes.iteritems():
-        for type_ in ['osd', 'mds', 'client']:
+        for type_ in ['osd', 'mds']:
             for id_ in teuthology.roles_of_type(roles_for_host, type_):
                 data = teuthology.get_file(
                     remote=remote,
@@ -652,6 +659,15 @@ def cluster(ctx, config):
                     )
                 keys.append((type_, id_, data))
                 keys_fp.write(data)
+    for remote, roles_for_host in ctx.cluster.remotes.iteritems():
+        for type_ in ['client']:
+            for id_ in teuthology.roles_of_type(roles_for_host, type_):
+                data = teuthology.get_file(
+                    remote=remote,
+                    path='/etc/ceph/ceph.client.{id}.keyring'.format(id=id_)
+                    )
+                keys.append((type_, id_, data))
+                keys_fp.write(data)
 
     log.info('Adding keys to all mons...')
     writes = mons.run(