From: Patrick Donnelly <pdonnell@ibm.com>
Date: Fri, 9 May 2025 18:15:09 +0000 (-0400)
Subject: mon/MonMap: add auth epoch
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=70b33dcb3e7f5d1fdad0e1f0af75d48cf2a2955c;p=ceph-ci.git

mon/MonMap: add auth epoch

This will be used to indicate to clients / service daemons that the auth
service keys have been rotated. Clients and service daemons are expected to
invalidate their tickets and reauth. Service daemons should wipe their service
keys.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
---

diff --git a/src/mon/MonMap.cc b/src/mon/MonMap.cc
index 301cdbd77c7..72481892e34 100644
--- a/src/mon/MonMap.cc
+++ b/src/mon/MonMap.cc
@@ -250,7 +250,7 @@ void MonMap::encode(ceph::buffer::list& blist, uint64_t con_features) const
     return;
   }
 
-  ENCODE_START(9, 6, blist);
+  ENCODE_START(10, 6, blist);
   ceph::encode_raw(fsid, blist);
   encode(epoch, blist);
   encode(last_changed, blist);
@@ -267,13 +267,14 @@ void MonMap::encode(ceph::buffer::list& blist, uint64_t con_features) const
   encode(stretch_mode_enabled, blist);
   encode(tiebreaker_mon, blist);
   encode(stretch_marked_down_mons, blist);
+  encode(auth_epoch, blist);
   ENCODE_FINISH(blist);
 }
 
 void MonMap::decode(ceph::buffer::list::const_iterator& p)
 {
   map<string,entity_addr_t> mon_addr;
-  DECODE_START_LEGACY_COMPAT_LEN_16(9, 3, 3, p);
+  DECODE_START_LEGACY_COMPAT_LEN_16(10, 3, 3, p);
   ceph::decode_raw(fsid, p);
   decode(epoch, p);
   if (struct_v == 1) {
@@ -331,6 +332,9 @@ void MonMap::decode(ceph::buffer::list::const_iterator& p)
     tiebreaker_mon = "";
     stretch_marked_down_mons.clear();
   }
+  if (struct_v >= 10) {
+    decode(auth_epoch, p);
+  }
   calc_addr_mons();
   DECODE_FINISH(p);
 }
@@ -474,11 +478,13 @@ void MonMap::print(ostream& out) const
     }
     out << "\n";
   }
+  out << "auth_epoch " << auth_epoch << "\n";
 }
 
 void MonMap::dump(Formatter *f) const
 {
   f->dump_unsigned("epoch", epoch);
+  f->dump_unsigned("auth_epoch", auth_epoch);
   f->dump_stream("fsid") <<  fsid;
   last_changed.gmtime(f->dump_stream("modified"));
   created.gmtime(f->dump_stream("created"));
diff --git a/src/mon/MonMap.h b/src/mon/MonMap.h
index 4585a6f265b..ba6996219c4 100644
--- a/src/mon/MonMap.h
+++ b/src/mon/MonMap.h
@@ -169,6 +169,8 @@ class MonMap {
   std::set<std::string> stretch_marked_down_mons; // can't be leader or taken proposal in CONNECTIVITY 
                                                   // seriously until fully recovered
 
+  epoch_t auth_epoch = 0;
+
 public:
   void calc_legacy_ranks();
   void calc_addr_mons() {