Nizamudeen A [Thu, 19 Sep 2024 03:39:20 +0000 (09:09 +0530)]
mgr/dashboard: ignore exceptions raised when no cert/key found
for nvmeof client, when there are no cert found, it raises an exception
which gets logged more often because the dashboard polls the client
frequently.
```
Sep 18 13:40:54 ceph-node-00 ceph-mgr[2716]: log_channel(cephadm) log [ERR] : No secret found for entity nvmeof_root_ca_cert with service name nvmeof.rbd.default
Traceback (most recent call last):
File "/usr/share/ceph/mgr/orchestrator/_interface.py", line 140, in wrapper
return OrchResult(f(*args, **kwargs))
File "/usr/share/ceph/mgr/cephadm/module.py", line 3271, in cert_store_get_cert
raise OrchSecretNotFound(entity=entity, service_name=service_name, hostname=hostname)
cephadm.inventory.OrchSecretNotFound: No secret found for entity nvmeof_root_ca_cert with service name nvmeof.rbd.default
Sep 18 13:40:54 ceph-node-00 ceph-mgr[2716]: [dashboard INFO orchestrator] is orchestrator available: True,
Sep 18 13:40:54 ceph-node-00 ceph-mgr[2716]: [cephadm ERROR orchestrator._interface] No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Traceback (most recent call last):
File "/usr/share/ceph/mgr/orchestrator/_interface.py", line 140, in wrapper
return OrchResult(f(*args, **kwargs))
File "/usr/share/ceph/mgr/cephadm/module.py", line 3271, in cert_store_get_cert
raise OrchSecretNotFound(entity=entity, service_name=service_name, hostname=hostname)
cephadm.inventory.OrchSecretNotFound: No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: 2024-09-18T13:40:54.529+0000 7fbbd9272640 -1 log_channel(cephadm) log [ERR] : No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: Traceback (most recent call last):
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: File "/usr/share/ceph/mgr/orchestrator/_interface.py", line 140, in wrapper
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: return OrchResult(f(*args, **kwargs))
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: File "/usr/share/ceph/mgr/cephadm/module.py", line 3271, in cert_store_get_cert
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: raise OrchSecretNotFound(entity=entity, service_name=service_name, hostname=hostname)
Sep 18 13:40:54 ceph-node-00 ceph-0377c7c2-75c1-11ef-bb0e-5254000e47d2-mgr-ceph-node-00-cvrrld[2712]: cephadm.inventory.OrchSecretNotFound: No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Sep 18 13:40:54 ceph-node-00 ceph-mgr[2716]: log_channel(cephadm) log [ERR] : No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Traceback (most recent call last):
File "/usr/share/ceph/mgr/orchestrator/_interface.py", line 140, in wrapper
return OrchResult(f(*args, **kwargs))
File "/usr/share/ceph/mgr/cephadm/module.py", line 3271, in cert_store_get_cert
raise OrchSecretNotFound(entity=entity, service_name=service_name, hostname=hostname)
cephadm.inventory.OrchSecretNotFound: No secret found for entity nvmeof_server_cert with service name nvmeof.rbd.default
Sep 18 13:40:54 ceph-node-00 ceph-mgr[2716]: [dashboard INFO nvmeof_client] Insecurely connecting to: 192.168.100.101:5500
```
mgr/dashboard: show non default realm sync status in rgw overview page
Currently, we just show the sync status of the default realm in rgw
overview page. This PR is to show the sync status of non-default realms
as well. Multisite sync status can be viewed for any of the active daemon
which runs in default/non-default realm.
Aashish Sharma [Thu, 3 Oct 2024 08:28:14 +0000 (13:58 +0530)]
mgr/dashboard: fix gateways section error:”404 - Not Found RGW Daemon not found: None”
A case was missed here where we do have a default realm created but no default_zonegorup, in that case, the existing behavior should prevail and that's not being handled. If a default_realm is created but no default_zonegroup is there, weshould continue getting the keys from daemon_name = next(iter(daemon_keys))
Dan Mick [Wed, 26 Jun 2024 02:07:41 +0000 (19:07 -0700)]
Add Containerfile and build.sh to build it.
The intent is to replace ceph-container.git, at first for ci containers
only, and eventually production containers as well.
There is code present for production containers, including
a separate "make-manifest-list.py" to scan for and glue the two
arch-specific containers into a 'manifest-list' 'fat' container,
but that code is not yet fully tested.
This code will not be used until a corresponding change to the
Jenkins jobs in ceph-build.git is pushed.
Note that this tooling does not authenticate to the container repo;
it is assumed that will be done elsewhere. Authentication is
verified by pushing a minimal image to the requested repo.
Zac Dover [Fri, 4 Oct 2024 13:21:32 +0000 (23:21 +1000)]
doc/governance: add exec council responsibilites
Add the Ceph Executive Council's responsibilties to the
doc/governance.rst document. It was decided during the weekly CLT
meeting on 30 Sep 2024 to add this to the ceph/ceph git repository.
Casey Bodley [Thu, 15 Feb 2024 03:53:47 +0000 (22:53 -0500)]
rgw: switch back to boost::asio for spawn() and yield_context
a fork of boost::asio::spawn() was introduced in 2020 with spawn::spawn() from #31580. this fork enabled rgw to customize how the coroutine stacks are allocated in order to avoid stack overflows in frontend request coroutines. this customization was based on a StackAllocator concept from the boost::context library
in boost 1.80, that same StackAllocator overload was added to boost::asio::spawn(), along with other improvements like per-op cancellation. now that boost has everything we need, switch back and drop the spawn submodule
this required switching a lot of async functions from async_completion<> to async_initiate<>. similar changes were necessary to enable the c++20 coroutine token boost::asio::use_awaitable
Casey Bodley [Thu, 15 Feb 2024 02:03:13 +0000 (21:03 -0500)]
crypto/qat: use async_initiate and any_completion_handler
the qat async initiator functions were based on async_completion<> and
its completion_handler member, but the updated boost::asio::yield_context
doesn't provide a completion_handler. switch to the updated
async_initate() method which does work with boost::asio::yield_context
qa: avoid a non-standard shell construct in rbd/iscsi_client.t
dash which is used as /bin/sh on Ubuntu interprets "2&> /dev/null" as
an instruction to launch iscsiadm in the background. While that is
mostly compensated by the following sleep, stderr isn't redirected to
/dev/null either -- the output gets polluted and the test fails.
... since it's not available on Ubuntu. In this case mpathconf just
sets a couple of default values and defines an empty blacklist section,
so it's easy enough to replicate.
mgr/dashboard: Allow adding all listeners unders a subsystems
Issue:
- Currently a user cannot add all listeners under a subsystem
- This results into an error: `Failure adding nqn.2001-07.com.ceph:1725013182540 listener at 10.70.44.140:4420: Gateway's host name must match current host (dhcp47-54)`
Reason:
- The gateway address used while creating listener is random now in nvmeof client
- After checking the gateway logs of each node, its is found that no grpc request recieved for adding listener on the respective node rather going to the node that is chosen by default in nvmeof client.
- But nvmeof backend check that current gateway matches the one with sent in request for adding listener (ref: https://github.com/ceph/ceph-nvmeof/blob/devel/control/grpc.py#L2104)
Fix:
- Using `traddr` from listener API to set the current gateway address
- Since `traddr` gives only IP address, without port therefore extracting full address from `NvmeofGatewaysConfig.get_gateways_config()`
- This ensures correct path usage
doc/rados: edit "Placement Groups Never Get Clean"
Make grammar improvements (and correct a verb disagreement) in the
section "Placement Groups Never Get Clean" in
doc/rados/troubleshooting/troubleshooting-pg.rst.
* the steps performed by the Windows CI job
* artifact structure
* frequently asked questions
The document is meant to assist the Ceph developers in investigating
CI failures. This is especially important as the Windows CI job runs
integration tests that would otherwise only be executed by
Teuthology, thus helping catch potential regressions quickly.
Note that the identified regressions are not necessarily Windows
specific, usually affecting Linux builds as well.
ceph-volume: add call to `ceph-bluestore-tool zap-device`
BlueStore now writes its metadata at multiple offset on devices [1].
It means `ceph-volume lvm zap` doesn't remove BlueStore signature altogether.
This can confuse ceph-volume when redeploying an OSD on a previously
zapped device because there is still old BlueStore metadata on it.
ceph-volume should call `ceph-bluestore-tool zap-device` [2]
in addition to the existing calls when wiping a device.
Fixes: https://tracker.ceph.com/issues/67926 Signed-off-by: Igor Fedotov <igor.fedotov@croit.io>
(cherry picked from commit c266ef0f61f7de29b56119171625dd61b8c0f0a2)
Conflicts:
'trim' option was not present, but --yes-i-really-really-mean-it was
used
Naman Munet [Tue, 17 Sep 2024 06:59:37 +0000 (12:29 +0530)]
mgr/dashboard: multisite sync policy improvements
https://tracker.ceph.com/issues/68097
Changes for this PR includes:
1) Populating the destination zones select option with a set of options to choose from, for flow and pipe so that user can't enter any invalid zone name
2) Provided zone option as 'All Zones (*)' in pipe, if user want to select all zones for source and destination zones
3) We are hiding the UniqueId column on sync policy table as we do not want to show it as this column is introduced just to uniquely identify a row in the table and should not be displayed to users as it is part of the internal logic to work.
After an OSD is successfully prepared, the activation step fails
because the mapper is left open which makes `systemd-cryptsetup attach`
complain about that and prompt for password.
In order to avoid any other potential issue that would make activation
step hang for ever, I'm adding `headless=true`.
mgr/dashboard: Cloning subvolume not listing _nogroup subvolumegroup if there are no subvols in _nogroup Fixes: https://tracker.ceph.com/issues/67891 Signed-off-by: Dnyaneshwari talwekar <dtalweka@redhat.com>
(cherry picked from commit 5c6c4a07d8dcd7bde46057310fbd1c5580a0da2f)
- Implemented earmarking functionality for subvolumes and subvolume groups,
ensuring that they do not share the same subvolume or subvolume group to avoid
data corruption due to unsupported mixed protocol use.
- Added a command to set set/rm earmark from a given subvolume / subvolume group
- Adding __init__.py for python-common/ceph/fs dir to have it as a package.
- Fixed subvolume info command when no earmark is set.
projects / ceph.git / log