From: Guillaume Abrioux Date: Tue, 30 Nov 2021 09:00:20 +0000 (+0100) Subject: cephadm-adopt: bindmount /var/lib/ceph with 'ro' X-Git-Tag: v5.0.12~28 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=8f26939da49691e035dde0cea0c2e2d3ee7c40f3;p=ceph-ansible.git cephadm-adopt: bindmount /var/lib/ceph with 'ro' When collocating osds with iscsigw daemons, cephadm bindmounts the following: ``` -v /var/lib/ceph/6126c064-6a9e-4092-8a64-977930df0843/iscsi.rbd.ceph-ameenasuhani-4fs3bq-node5.vomtqb/configfs:/sys/kernel/config ``` this prevents cephadm-adopt playbook from running container and bindmounting `/var/lib/ceph:/var/lib/ceph:z` since 'ro' is enough in this playbook, let's replace the ':z' option on this bindmount with ':ro' Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2027411 Signed-off-by: Guillaume Abrioux (cherry picked from commit c4fdf956bd7269cb457023c45366d0edc17a8a67) --- diff --git a/infrastructure-playbooks/cephadm-adopt.yml b/infrastructure-playbooks/cephadm-adopt.yml index 9da50a91e..eb50b5015 100644 --- a/infrastructure-playbooks/cephadm-adopt.yml +++ b/infrastructure-playbooks/cephadm-adopt.yml @@ -176,7 +176,7 @@ - name: set_fact ceph_cmd set_fact: - ceph_cmd: "{{ container_binary + ' run --rm --net=host -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph:/var/lib/ceph:z -v /var/run/ceph:/var/run/ceph:z --entrypoint=ceph ' + ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else 'ceph' }} --cluster {{ cluster }}" + ceph_cmd: "{{ container_binary + ' run --rm --net=host -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph:/var/lib/ceph:ro -v /var/run/ceph:/var/run/ceph:z --entrypoint=ceph ' + ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else 'ceph' }} --cluster {{ cluster }}" - name: get current fsid command: "{{ ceph_cmd }} fsid" diff --git a/library/ceph_volume.py b/library/ceph_volume.py index 24de78ae6..76d409b0c 100644 --- a/library/ceph_volume.py +++ b/library/ceph_volume.py @@ -186,7 +186,6 @@ EXAMPLES = ''' ''' -<<<<<<< HEAD def fatal(message, module): ''' Report a fatal error and exit @@ -198,10 +197,7 @@ def fatal(message, module): raise(Exception(message)) -def container_exec(binary, container_image): -======= def container_exec(binary, container_image, mounts=None): ->>>>>>> b02d71c30 (ceph_volume: support overriding bind-mounts) ''' Build the docker CLI to run a command inside a container '''