Ilya Dryomov [Thu, 30 Jan 2025 19:30:18 +0000 (20:30 +0100)]
doc/rbd: use https links in live import examples
Even though it's explicitly said that "http" stream can be used to
import via both HTTP and HTTPS, it can still be confusing that "type":
"http" is expected to go with "url": "https://...". Switch example
URLs from HTTP to HTTPS to make it more obvious.
Gil Bregman [Thu, 30 Jan 2025 11:33:51 +0000 (13:33 +0200)]
mgr/cephadm/nvmeof: Add verify_listener_ip field to NVMeOF configuration and remove obsolete enable_key_encryption
Fixes https://tracker.ceph.com/issues/69731
Zac Dover [Wed, 29 Jan 2025 14:05:59 +0000 (00:05 +1000)]
doc/cephadm: simplify confusing math proposition
s/This means that the exact device size is 3.64 * 1000, or 3640GB"/This
means that the exact device size is 3.64TB, or 3640 GB"/
In the original text, the number "3.64" appears to refer to a quantity
(and indeed, it is a quantity of Terabytes), but it is unlabeled. Also,
on repeated recent readings of this sentence I found it more puzzling
than enlightening. So I made this commit.
Redouane Kachach [Tue, 14 Jan 2025 09:38:13 +0000 (10:38 +0100)]
mgr/cephadm: using service registry pattern for cephadm services
This change includes mainly the following enhancements:
- Introduced a centralized `CephadmServiceRegistry` to manage service registration and initialization.
- Added dynamic discovery of service modules in the same directory using `pkgutil` and `importlib`.
- Implemented a decorator `@service_registry_decorator` for automatic registration of service classes.
Ilya Dryomov [Mon, 27 Jan 2025 11:29:54 +0000 (12:29 +0100)]
osd/OSDCap: fix misleading grammar comments
The restrictions on pool name and namespace have been independent of
each other for ages. Specifying namespace[=]<namespace> doesn't require
specifying pool[=]<pool> like is currently suggested -- neither for
regular "allow" grants nor for "profile" grants.
Ilya Dryomov [Fri, 24 Jan 2025 19:47:11 +0000 (20:47 +0100)]
mon/OSDMonitor: relax cap enforcement for unmanaged snapshots
Since commit 4972e054b32c ("mon/OSDMonitor: enforce caps when
creating/deleting unmanaged snapshots"), a) write access to the MON
service, b) write access to the OSD service for a pool or c) permission
for "osd pool op unmanaged-snap" command for a pool is required. For
"profile rbd" we configure read-only access to the MON service and rely
on write access to the OSD service, however the corresponding check in
is_osd_writable() is too strict.
A OSD cap like "profile rbd namespace=myns" or "allow w namespace=myns"
allows write access to myns namespace of any pool, but is_osd_writable()
disallows operations with unmanaged snapshots with such a cap because
its match.pool_namespace.pool_name.empty() is true. This condition
appears to serve as the "doesn't include support for the application
tag" guard, but it should actually be match.pool_tag.is_match_all()
(or match.pool_tag.application.empty() if open-coded) -- no restriction
on the pool name doesn't automatically mean that there is a restriction
on the application tag.
Alex Ainscow [Thu, 23 Jan 2025 16:56:25 +0000 (16:56 +0000)]
interval_set: Fix test_interval_set.cc
Here we duplicate all the original tests which used "insert" to verify they also pass with "union_insert". All new tests are modified to use "union_of" and "union_insert"
Alex Ainscow [Thu, 23 Jan 2025 09:28:09 +0000 (09:28 +0000)]
interval_set: Add back insert()
A reviewer (see github) was concerned that the policing provided by insert() may have been required for some applications of insert_set. As such, I have re-instated the old insert method and instead refactored "union_insert". IU have also enhanced the comments.
Alex Ainscow [Wed, 8 Jan 2025 22:18:35 +0000 (22:18 +0000)]
interval_set: erase and subtract enhancements
The old erase would only allow intervals which exist to be erased. It is often useful to erase any interval, even if it does not exist or partially overlaps one or many intervals.
Alex Ainscow [Wed, 8 Jan 2025 22:16:49 +0000 (22:16 +0000)]
interval_set: Enhancements to improve efficiency of insert() and to allow more flexibility.
The old insert was restrictive in ranges that could be added in. The new interface allows for a range to be added, whether it extends or joins other intervals.
Also change a number of interfaces to use the new insert.
Alex Ainscow [Wed, 8 Jan 2025 22:04:56 +0000 (22:04 +0000)]
interval_map: Add interfaces for getting start/end and lower ranges.
These new utilities add the ability to:
get_lower_range: Return the lowest interval iterator which covers the specified range
get_start_off(): return the first offset in the interval.
get_end_off(): Return the end offset of the last interval
contains(): Return true if specified is entirely contained within the interval map.
Zac Dover [Fri, 24 Jan 2025 13:46:19 +0000 (23:46 +1000)]
doc/cephfs: edit disaster-recovery-experts (6 of x)
In doc/cephfs/disaster-recovery-experts.rst, incorporate Anthony's
suggestions in
https://github.com/ceph/ceph/pull/61462#discussion_r1923917812
and
https://github.com/ceph/ceph/pull/61462#discussion_r1923920724
and reword the sentences in the section "Using an alternate metadata
pool for recovery" to be in the imperative mood, which better suits the
ordered list format that was introduced in
https://github.com/ceph/ceph/pull/61493.
Follows https://github.com/ceph/ceph/pull/61493.
https://tracker.ceph.com/issues/69557
Co-authored-by: Anthony D'Atri <anthony.datri@gmail.com> Signed-off-by: Zac Dover <zac.dover@proton.me>
Ilya Dryomov [Sat, 25 Jan 2025 10:11:14 +0000 (11:11 +0100)]
doc/rados: pool and namespace are independent osdcap restrictions
For the "profile {name}" syntax, pool and namespace restrictions are
independent of each other (i.e. specifying namespace doesn't also
require specifying pool like is currently suggested). A cap can look
like "profile rbd namespace=myns", signifying that the RBD profile is
to be allowed in myns namespace of any pool.
For the "allow {access-spec}" syntax, pool restriction is optional.
A cap can look like "allow r namespace=myns", "allow w object_prefix
myprefix" or "allow rw namespace=myns object_prefix myprefix", for
example.
John Mulligan [Tue, 21 Jan 2025 21:28:42 +0000 (16:28 -0500)]
container: add label ceph=True back
Add a label used by cephadm internally that was always set by
ceph-container [1] back to the new containerfile. This should
prevent issues with cephadm shell command thinking official ceph images
are not official ceph images.
Zac Dover [Thu, 23 Jan 2025 09:49:26 +0000 (19:49 +1000)]
doc/cephfs: edit disaster-recovery-experts (5 of x)
Put the procedure in the section called "Using an alternate metadata
pool for recovery" into an ordered list, so that it is in a proper
procedure format.
This commit is meant only to break the procedure into steps. The English
language in each of these steps could be improved, but that improvement
will be done after this formatting has been merged and backported.
Dan Mick [Thu, 23 Jan 2025 02:28:15 +0000 (18:28 -0800)]
container/build.sh: fix up org vs. repo naming
release builds were using the wrong container repo name because of
confused variable naming and inadequate separation. Keep the hostname,
org name, and repo name in separate variables, and assemble the full
path with a version when tagging is done.
Ilya Dryomov [Wed, 22 Jan 2025 19:34:11 +0000 (20:34 +0100)]
librbd: clear ctx before initiating close in Image::{aio_,}close()
Image::aio_close() must clear ctx before initiating close. Otherwise
the provided callback may see a non-NULL ctx and attempt to close the
image again from Image destructor, leading to an invalid memory access
as ImageCtx and ImageState are both freed immediately after the image
is closed (i.e. before AioCompletion is completed and the callback is
executed).
The same adjustment is made to Image::close() just for consistency.
projects / ceph.git / log