From: Sage Weil <sage@redhat.com>
Date: Tue, 5 Jun 2018 22:30:14 +0000 (-0500)
Subject: mon: add 'osd destroy-new' command that only destroys NEW osd slots
X-Git-Tag: v14.0.1~1151^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=547d96dc01cd913f6543528eb75bb5015e00e893;p=ceph.git

mon: add 'osd destroy-new' command that only destroys NEW osd slots

ceph-volume may run into a problem and want to clean up, but we do not
want to give it blanket access to the 'osd destroy' command.  Instead,
make an 'osd destroy-new' that can only create new OSDs (ones that are
in the process of being created but have never booted yet).

Signed-off-by: Sage Weil <sage@redhat.com>
---

diff --git a/qa/workunits/cephtool/test.sh b/qa/workunits/cephtool/test.sh
index cb40c715146b..e525df9452cb 100755
--- a/qa/workunits/cephtool/test.sh
+++ b/qa/workunits/cephtool/test.sh
@@ -1334,7 +1334,7 @@ function test_mon_osd_create_destroy()
   expect_false ceph auth get-key client.osd-lockbox.$uuid2
   expect_false ceph config-key exists dm-crypt/osd/$uuid2/luks
 
-  ceph osd destroy osd.$id2 --yes-i-really-mean-it
+  ceph osd destroy-new osd.$id2 --yes-i-really-mean-it
   ceph osd destroy $id2 --yes-i-really-mean-it
   ceph osd find $id2
   expect_false ceph auth get-key osd.$id2
diff --git a/src/mon/MonCommands.h b/src/mon/MonCommands.h
index 30263d913e4f..9739485bd715 100644
--- a/src/mon/MonCommands.h
+++ b/src/mon/MonCommands.h
@@ -874,6 +874,13 @@ COMMAND("osd destroy " \
         "but removes cephx keys, config-key data and lockbox keys, "\
         "rendering data permanently unreadable.", \
         "osd", "rw", "cli,rest")
+COMMAND("osd destroy-new " \
+        "name=id,type=CephOsdName " \
+        "name=sure,type=CephChoices,strings=--yes-i-really-mean-it,req=false", \
+        "mark osd as being destroyed. Keeps the ID intact (allowing reuse), " \
+        "but removes cephx keys, config-key data and lockbox keys, "\
+        "rendering data permanently unreadable.  Only works on new, unbooted osd ids.", \
+        "osd", "rw", "cli,rest")
 COMMAND("osd purge " \
         "name=id,type=CephOsdName " \
         "name=sure,type=CephChoices,strings=--yes-i-really-mean-it,req=false", \
diff --git a/src/mon/OSDMonitor.cc b/src/mon/OSDMonitor.cc
index f0400c2a0d1c..081cbcfe2f5e 100644
--- a/src/mon/OSDMonitor.cc
+++ b/src/mon/OSDMonitor.cc
@@ -10496,7 +10496,9 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op,
       return true;
     }
 
-  } else if (prefix == "osd destroy" || prefix == "osd purge") {
+  } else if (prefix == "osd destroy" ||
+	     prefix == "osd purge" ||
+	     prefix == "osd destroy-new") {
     /* Destroying an OSD means that we don't expect to further make use of
      * the OSDs data (which may even become unreadable after this operation),
      * and that we are okay with scrubbing all its cephx keys and config-key
@@ -10525,7 +10527,8 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op,
       goto reply;
     }
 
-    bool is_destroy = (prefix == "osd destroy");
+    bool is_destroy = (prefix == "osd destroy" ||
+		       prefix == "osd destroy-new");
     if (!is_destroy) {
       assert("osd purge" == prefix);
     }
@@ -10552,6 +10555,13 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op,
       goto reply;
     }
 
+    if (prefix == "osd destroy-new" &&
+	(osdmap.get_state(id) & CEPH_OSD_NEW) == 0) {
+      ss << "osd." << id << " is not new";
+      err = -EPERM;
+      goto reply;
+    }
+
     bool goto_reply = false;
 
     paxos->plug();