From: Sage Weil <sage@redhat.com>
Date: Wed, 11 Oct 2017 21:32:16 +0000 (-0500)
Subject: osd: store osd cephx key in "osd_key" meta slot
X-Git-Tag: v12.2.2~133^2~11
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=ce83461a60cea6026a7abdd51b2a7a35302392c6;p=ceph.git

osd: store osd cephx key in "osd_key" meta slot

Note that this *only* works with --mkkey (deprecated except for
vstart.sh) and --key <key>.  If you write out a full keyring before
running --mkfs it doesn't get populated.  Users should pass --key
instead of --keyring in that case.

Signed-off-by: Sage Weil <sage@redhat.com>
(cherry picked from commit 65b707358e5442eab0fd6ba4d05d9f0a7adc969f)
---

diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc
index 01f691ee3b88..c586afccefda 100644
--- a/src/osd/OSD.cc
+++ b/src/osd/OSD.cc
@@ -1789,7 +1789,7 @@ int OSD::mkfs(CephContext *cct, ObjectStore *store, const string &dev,
     waiter.wait();
   }
 
-  ret = write_meta(store, sb.cluster_fsid, sb.osd_fsid, whoami);
+  ret = write_meta(cct, store, sb.cluster_fsid, sb.osd_fsid, whoami);
   if (ret) {
     derr << "OSD::mkfs: failed to write fsid file: error "
          << cpp_strerror(ret) << dendl;
@@ -1803,7 +1803,7 @@ free_store:
   return ret;
 }
 
-int OSD::write_meta(ObjectStore *store, uuid_d& cluster_fsid, uuid_d& osd_fsid, int whoami)
+int OSD::write_meta(CephContext *cct, ObjectStore *store, uuid_d& cluster_fsid, uuid_d& osd_fsid, int whoami)
 {
   char val[80];
   int r;
@@ -1823,6 +1823,14 @@ int OSD::write_meta(ObjectStore *store, uuid_d& cluster_fsid, uuid_d& osd_fsid,
   if (r < 0)
     return r;
 
+  string key = cct->_conf->get_val<string>("key");
+  lderr(cct) << "key " << key << dendl;
+  if (key.size()) {
+    r = store->write_meta("osd_key", key);
+    if (r < 0)
+      return r;
+  }
+
   r = store->write_meta("ready", "ready");
   if (r < 0)
     return r;
diff --git a/src/osd/OSD.h b/src/osd/OSD.h
index 42a152b3c9ad..8e3967cc28ea 100644
--- a/src/osd/OSD.h
+++ b/src/osd/OSD.h
@@ -2407,7 +2407,8 @@ private:
   int update_crush_device_class();
   int update_crush_location();
 
-  static int write_meta(ObjectStore *store,
+  static int write_meta(CephContext *cct,
+			ObjectStore *store,
 			uuid_d& cluster_fsid, uuid_d& osd_fsid, int whoami);
 
   void handle_pg_scrub(struct MOSDScrub *m, PG* pg);
diff --git a/src/vstart.sh b/src/vstart.sh
index 4269e55da007..ad1ecfa8d73f 100755
--- a/src/vstart.sh
+++ b/src/vstart.sh
@@ -627,9 +627,14 @@ EOF
             echo "add osd$osd $uuid"
             ceph_adm osd create $uuid
             ceph_adm osd crush add osd.$osd 1.0 host=$HOSTNAME root=default
-            $SUDO $CEPH_BIN/ceph-osd -i $osd $ARGS --mkfs --mkkey --osd-uuid $uuid
+	    OSD_SECRET=$($CEPH_BIN/ceph-authtool --gen-print-key)
+            $SUDO $CEPH_BIN/ceph-osd -i $osd $ARGS --mkfs --key $OSD_SECRET --osd-uuid $uuid
 
             local key_fn=$CEPH_DEV_DIR/osd$osd/keyring
+	    cat > $key_fn<<EOF
+[osd.$osd]
+	key = $OSD_SECRET
+EOF
             echo adding osd$osd key to auth repository
             ceph_adm -i "$key_fn" auth add osd.$osd osd "allow *" mon "allow profile osd" mgr "allow profile osd"
         fi