From: Sage Weil Date: Fri, 26 Mar 2021 16:02:50 +0000 (-0400) Subject: cephadm: set auth_allow_insecure_global_id_reclaim for mon on bootstrap X-Git-Tag: v15.2.11~7 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=13e9e57d6e61d2f60eadfb076edcda8ca92b8b35;p=ceph.git cephadm: set auth_allow_insecure_global_id_reclaim for mon on bootstrap If this is a fresh pacific cluster, let's assume that there won't be legacy clients connecting. (And if there are, let's put the burden on the user to enable them to do so insecurely.) This is in contrast to upgrades, where our focus is on not breaking anything. Signed-off-by: Sage Weil (cherry picked from commit 7ca74183226b1125b29f4ea8f324ae9e38b46795) Conflicts: src/cephadm/cephadm [ commit 369989ebf90c ("cephadm: split-off config work on bootstrap") not in octopus ] --- diff --git a/qa/suites/rados/thrash-old-clients/ceph.yaml b/qa/suites/rados/thrash-old-clients/ceph.yaml index 42f9495a851..ebcd7c14250 100644 --- a/qa/suites/rados/thrash-old-clients/ceph.yaml +++ b/qa/suites/rados/thrash-old-clients/ceph.yaml @@ -1,2 +1,5 @@ tasks: - cephadm: + conf: + mon: + auth allow insecure global id reclaim: true diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm index 1b4163b82e2..638cd1fd862 100755 --- a/src/cephadm/cephadm +++ b/src/cephadm/cephadm @@ -2897,8 +2897,15 @@ def command_bootstrap(): if not cp.has_section('global'): cp.add_section('global') cp.set('global', 'fsid', fsid); - cp.set('global', 'mon host', addr_arg) + cp.set('global', 'mon_host', addr_arg) cp.set('global', 'container_image', args.image) + if not cp.has_section('mon'): + cp.add_section('mon') + if ( + not cp.has_option('mon', 'auth_allow_insecure_global_id_reclaim') + and not cp.has_option('mon', 'auth allow insecure global id reclaim') + ): + cp.set('mon', 'auth_allow_insecure_global_id_reclaim', 'false') cpf = StringIO() cp.write(cpf) config = cpf.getvalue()