From: Michael Fritch Date: Tue, 1 Sep 2020 18:32:04 +0000 (-0600) Subject: mgr/cephadm: move `name_to_auth_entity` to `get_auth_entity` X-Git-Tag: v16.1.0~1134^2~3 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=5e4140944f23f5cf90ee2dab91857f7b6f7a8bfc;p=ceph.git mgr/cephadm: move `name_to_auth_entity` to `get_auth_entity` refactor the logic for getting the keyring auth entity from the utils module into the CephadmService class Signed-off-by: Michael Fritch --- diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py index 2d2b6308f90..14c6d8c1fbf 100644 --- a/src/pybind/mgr/cephadm/module.py +++ b/src/pybind/mgr/cephadm/module.py @@ -35,7 +35,7 @@ from . import remotes from . import utils from .migrations import Migrations from .services.cephadmservice import MonService, MgrService, MdsService, RgwService, \ - RbdMirrorService, CrashService, CephadmService + RbdMirrorService, CrashService, CephadmService, AuthEntity from .services.iscsi import IscsiService from .services.nfs import NFSService from .services.osd import RemoveUtil, OSDQueue, OSDService, OSD, NotFoundError @@ -1886,10 +1886,11 @@ To check that the host is reachable: # type: (str, str, str, Optional[str], Optional[str]) -> Dict[str, Any] # keyring if not keyring: - ename = utils.name_to_auth_entity(daemon_type, daemon_id, host=host) + entity: AuthEntity = \ + self.cephadm_services[daemon_type].get_auth_entity(daemon_id, host=host) ret, keyring, err = self.check_mon_command({ 'prefix': 'auth get', - 'entity': ename, + 'entity': entity, }) # generate config diff --git a/src/pybind/mgr/cephadm/services/cephadmservice.py b/src/pybind/mgr/cephadm/services/cephadmservice.py index fee1fb05977..3f8d634f7a7 100644 --- a/src/pybind/mgr/cephadm/services/cephadmservice.py +++ b/src/pybind/mgr/cephadm/services/cephadmservice.py @@ -3,7 +3,8 @@ import re import logging import subprocess from abc import ABCMeta, abstractmethod -from typing import TYPE_CHECKING, List, Callable, Any, TypeVar, Generic, Optional, Dict, Any, Tuple +from typing import TYPE_CHECKING, List, Callable, Any, TypeVar, Generic, \ + Optional, Dict, Any, Tuple, NewType from mgr_module import HandleCommandResult, MonCommandFailed @@ -18,6 +19,7 @@ if TYPE_CHECKING: logger = logging.getLogger(__name__) ServiceSpecs = TypeVar('ServiceSpecs', bound=ServiceSpec) +AuthEntity = NewType('AuthEntity', str) class CephadmDaemonSpec(Generic[ServiceSpecs]): @@ -227,6 +229,25 @@ class CephadmService(metaclass=ABCMeta): """ pass + def get_auth_entity(self, daemon_id: str, host: str = "") -> AuthEntity: + """ + Map the daemon id to a cephx keyring entity name + """ + if self.TYPE in ['rgw', 'rbd-mirror', 'nfs', "iscsi"]: + return AuthEntity('client.' + self.TYPE + "." + daemon_id) + elif self.TYPE == 'crash': + if host == "": + raise OrchestratorError("Host not provided to generate auth entity name") + return AuthEntity('client.' + self.TYPE + "." + host) + elif self.TYPE == 'mon': + return AuthEntity('mon.') + elif self.TYPE == 'mgr': + return AuthEntity(self.TYPE + "." + daemon_id) + elif self.TYPE in ['osd', 'mds', 'client']: + return AuthEntity(self.TYPE + "." + daemon_id) + else: + raise OrchestratorError("unknown daemon type") + class MonService(CephadmService): TYPE = 'mon' diff --git a/src/pybind/mgr/cephadm/services/iscsi.py b/src/pybind/mgr/cephadm/services/iscsi.py index f09a693cb01..3b9b4ff0a59 100644 --- a/src/pybind/mgr/cephadm/services/iscsi.py +++ b/src/pybind/mgr/cephadm/services/iscsi.py @@ -32,7 +32,7 @@ class IscsiService(CephadmService): ret, keyring, err = self.mgr.check_mon_command({ 'prefix': 'auth get-or-create', - 'entity': utils.name_to_auth_entity('iscsi', igw_id), + 'entity': self.get_auth_entity(igw_id), 'caps': ['mon', 'profile rbd, ' 'allow command "osd blocklist", ' 'allow command "config-key get" with "key" prefix "iscsi/"', diff --git a/src/pybind/mgr/cephadm/tests/test_services.py b/src/pybind/mgr/cephadm/tests/test_services.py index 9857e6fe4dc..865b4856dec 100644 --- a/src/pybind/mgr/cephadm/tests/test_services.py +++ b/src/pybind/mgr/cephadm/tests/test_services.py @@ -1,6 +1,16 @@ +import pytest + from unittest.mock import MagicMock -from cephadm.services.monitoring import GrafanaService +from cephadm.services.cephadmservice import MonService, MgrService, MdsService, RgwService, \ + RbdMirrorService, CrashService, CephadmService, AuthEntity +from cephadm.services.iscsi import IscsiService +from cephadm.services.nfs import NFSService +from cephadm.services.osd import RemoveUtil, OSDQueue, OSDService, OSD, NotFoundError +from cephadm.services.monitoring import GrafanaService, AlertmanagerService, PrometheusService, \ + NodeExporterService + +from orchestrator import OrchestratorError class FakeMgr: @@ -31,3 +41,75 @@ class TestCephadmService: mgr.check_mon_command.reset_mock() service._set_service_url_on_dashboard('svc', 'get-cmd', 'set-cmd', service_url) mgr.check_mon_command.assert_called_once_with({'prefix': 'get-cmd'}) + + def _get_services(self, mgr): + # services: + osd_service = OSDService(mgr) + nfs_service = NFSService(mgr) + mon_service = MonService(mgr) + mgr_service = MgrService(mgr) + mds_service = MdsService(mgr) + rgw_service = RgwService(mgr) + rbd_mirror_service = RbdMirrorService(mgr) + grafana_service = GrafanaService(mgr) + alertmanager_service = AlertmanagerService(mgr) + prometheus_service = PrometheusService(mgr) + node_exporter_service = NodeExporterService(mgr) + crash_service = CrashService(mgr) + iscsi_service = IscsiService(mgr) + cephadm_services = { + 'mon': mon_service, + 'mgr': mgr_service, + 'osd': osd_service, + 'mds': mds_service, + 'rgw': rgw_service, + 'rbd-mirror': rbd_mirror_service, + 'nfs': nfs_service, + 'grafana': grafana_service, + 'alertmanager': alertmanager_service, + 'prometheus': prometheus_service, + 'node-exporter': node_exporter_service, + 'crash': crash_service, + 'iscsi': iscsi_service, + } + return cephadm_services + + def test_get_auth_entity(self): + mgr = FakeMgr() + cephadm_services = self._get_services(mgr) + + for daemon_type in ['rgw', 'rbd-mirror', 'nfs', "iscsi"]: + assert "client.%s.id1" % (daemon_type) == \ + cephadm_services[daemon_type].get_auth_entity("id1", "host") + assert "client.%s.id1" % (daemon_type) == \ + cephadm_services[daemon_type].get_auth_entity("id1", "") + assert "client.%s.id1" % (daemon_type) == \ + cephadm_services[daemon_type].get_auth_entity("id1") + + assert "client.crash.host" == \ + cephadm_services["crash"].get_auth_entity("id1", "host") + with pytest.raises(OrchestratorError): + t = cephadm_services["crash"].get_auth_entity("id1", "") + t = cephadm_services["crash"].get_auth_entity("id1") + + assert "mon." == cephadm_services["mon"].get_auth_entity("id1", "host") + assert "mon." == cephadm_services["mon"].get_auth_entity("id1", "") + assert "mon." == cephadm_services["mon"].get_auth_entity("id1") + + assert "mgr.id1" == cephadm_services["mgr"].get_auth_entity("id1", "host") + assert "mgr.id1" == cephadm_services["mgr"].get_auth_entity("id1", "") + assert "mgr.id1" == cephadm_services["mgr"].get_auth_entity("id1") + + for daemon_type in ["osd", "mds"]: + assert "%s.id1" % daemon_type == \ + cephadm_services[daemon_type].get_auth_entity("id1", "host") + assert "%s.id1" % daemon_type == \ + cephadm_services[daemon_type].get_auth_entity("id1", "") + assert "%s.id1" % daemon_type == \ + cephadm_services[daemon_type].get_auth_entity("id1") + + with pytest.raises(OrchestratorError): + for daemon_type in ['grafana', 'alertmanager', 'prometheus', 'node-exporter']: + cephadm_services[daemon_type].get_auth_entity("id1", "host") + cephadm_services[daemon_type].get_auth_entity("id1", "") + cephadm_services[daemon_type].get_auth_entity("id1") diff --git a/src/pybind/mgr/cephadm/tests/test_utils.py b/src/pybind/mgr/cephadm/tests/test_utils.py deleted file mode 100644 index 4a76482f89c..00000000000 --- a/src/pybind/mgr/cephadm/tests/test_utils.py +++ /dev/null @@ -1,35 +0,0 @@ -import pytest - -from orchestrator import OrchestratorError -from cephadm.utils import name_to_auth_entity - - -def test_name_to_auth_entity(fs): - - for daemon_type in ['rgw', 'rbd-mirror', 'nfs', "iscsi"]: - assert "client.%s.id1" % (daemon_type) == name_to_auth_entity(daemon_type, "id1", "host") - assert "client.%s.id1" % (daemon_type) == name_to_auth_entity(daemon_type, "id1", "") - assert "client.%s.id1" % (daemon_type) == name_to_auth_entity(daemon_type, "id1") - - assert "client.crash.host" == name_to_auth_entity("crash", "id1", "host") - with pytest.raises(OrchestratorError): - t = name_to_auth_entity("crash", "id1", "") - t = name_to_auth_entity("crash", "id1") - - assert "mon." == name_to_auth_entity("mon", "id1", "host") - assert "mon." == name_to_auth_entity("mon", "id1", "") - assert "mon." == name_to_auth_entity("mon", "id1") - - assert "mgr.id1" == name_to_auth_entity("mgr", "id1", "host") - assert "mgr.id1" == name_to_auth_entity("mgr", "id1", "") - assert "mgr.id1" == name_to_auth_entity("mgr", "id1") - - for daemon_type in ["osd", "mds", "client"]: - assert "%s.id1" % daemon_type == name_to_auth_entity(daemon_type, "id1", "host") - assert "%s.id1" % daemon_type == name_to_auth_entity(daemon_type, "id1", "") - assert "%s.id1" % daemon_type == name_to_auth_entity(daemon_type, "id1") - - with pytest.raises(OrchestratorError): - name_to_auth_entity("whatever", "id1", "host") - name_to_auth_entity("whatever", "id1", "") - name_to_auth_entity("whatever", "id1") diff --git a/src/pybind/mgr/cephadm/utils.py b/src/pybind/mgr/cephadm/utils.py index ca8bb48c04c..9b3f2dbe781 100644 --- a/src/pybind/mgr/cephadm/utils.py +++ b/src/pybind/mgr/cephadm/utils.py @@ -13,7 +13,6 @@ T = TypeVar('T') logger = logging.getLogger(__name__) ConfEntity = NewType('ConfEntity', str) -AuthEntity = NewType('AuthEntity', str) class CephadmNoImage(Enum): @@ -37,29 +36,6 @@ def name_to_config_section(name: str) -> ConfEntity: return ConfEntity('mon') -def name_to_auth_entity(daemon_type: str, - daemon_id: str, - host: str = "", - ) -> AuthEntity: - """ - Map from daemon names/host to ceph entity names (as seen in config) - """ - if daemon_type in ['rgw', 'rbd-mirror', 'nfs', "iscsi"]: - return AuthEntity('client.' + daemon_type + "." + daemon_id) - elif daemon_type == 'crash': - if host == "": - raise OrchestratorError("Host not provided to generate auth entity name") - return AuthEntity('client.' + daemon_type + "." + host) - elif daemon_type == 'mon': - return AuthEntity('mon.') - elif daemon_type == 'mgr': - return AuthEntity(daemon_type + "." + daemon_id) - elif daemon_type in ['osd', 'mds', 'client']: - return AuthEntity(daemon_type + "." + daemon_id) - else: - raise OrchestratorError("unknown auth entity name") - - def forall_hosts(f: Callable[..., T]) -> Callable[..., List[T]]: @wraps(f) def forall_hosts_wrapper(*args) -> List[T]: