From: Sage Weil Date: Fri, 26 Mar 2021 16:02:50 +0000 (-0400) Subject: cephadm: set auth_allow_insecure_global_id_reclaim for mon on bootstrap X-Git-Tag: v16.2.1~7 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=dbd77499260ad5683cea44828927123cbdef446a;p=ceph.git cephadm: set auth_allow_insecure_global_id_reclaim for mon on bootstrap If this is a fresh pacific cluster, let's assume that there won't be legacy clients connecting. (And if there are, let's put the burden on the user to enable them to do so insecurely.) This is in contrast to upgrades, where our focus is on not breaking anything. Signed-off-by: Sage Weil (cherry picked from commit 7ca74183226b1125b29f4ea8f324ae9e38b46795) --- diff --git a/qa/suites/rados/cephadm/thrash-old-clients/ceph.yaml b/qa/suites/rados/cephadm/thrash-old-clients/ceph.yaml index 468b4af27d0..016ce36da7f 100644 --- a/qa/suites/rados/cephadm/thrash-old-clients/ceph.yaml +++ b/qa/suites/rados/cephadm/thrash-old-clients/ceph.yaml @@ -2,3 +2,6 @@ verify_ceph_hash: false tasks: - cephadm: + conf: + mon: + auth allow insecure global id reclaim: true diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm index e0b5ddd7d1f..cdc52d782b7 100755 --- a/src/cephadm/cephadm +++ b/src/cephadm/cephadm @@ -3755,8 +3755,15 @@ def prepare_bootstrap_config( if not cp.has_section('global'): cp.add_section('global') cp.set('global', 'fsid', fsid) - cp.set('global', 'mon host', mon_addr) + cp.set('global', 'mon_host', mon_addr) cp.set('global', 'container_image', image) + if not cp.has_section('mon'): + cp.add_section('mon') + if ( + not cp.has_option('mon', 'auth_allow_insecure_global_id_reclaim') + and not cp.has_option('mon', 'auth allow insecure global id reclaim') + ): + cp.set('mon', 'auth_allow_insecure_global_id_reclaim', 'false') cpf = StringIO() cp.write(cpf) config = cpf.getvalue()