John Mulligan [Fri, 29 Mar 2024 18:04:33 +0000 (14:04 -0400)]
ceph.spec.in: remove command-with-macro line
A comment clearly left as a breadcrumb for a node-proxy manpage is
causing (intermittent) build failures. Remove the line and hope
the manpage is added if/when appropriate.
mds: raise health warning if client lacks feature for root_squash
Rather than evict all clients lacking this feature bit, raise a health error
that pushes the administrator to address it. This avoids the surprise of having
all affected clients suddenly evicted in the cluster.
Fixes: https://tracker.ceph.com/issues/65733 Fixes: 954ed30 Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
(cherry picked from commit 66ff5c9fc8d4664f18b2fa462e96e5548c35951f)
mon/MDSMonitor: add note about missing metadata inclusion
There is a "client_count" metadata on the health warning that apparently was
intended to be used for aggregating warnings but never was. Add a TODO item for
that.
mds: check relevant caps for fs include root_squash
When denying client reconnects because the MDS caps include root_squash and the
client features do not include CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK, ensure those
caps are only for the file system the MDS is joined to.
The `ceph-mgr` package lost its dependency on `python3-bcrypt` when
the dependencies got moved from d/control to a dh_python3 compatible
requires file. Add it again as the bcrypt module is still used there.
Otherwise one gets errors when, e.g., calling `ceph -s` after a fresh
installation:
> 13 mgr modules have failed dependencies
> Module 'balancer' has failed dependency: No module named 'bcrypt'
> Module 'crash' has failed dependency: No module named 'bcrypt'
> Module 'devicehealth' has failed dependency: No module named 'bcrypt'
> Module 'iostat' has failed dependency: No module named 'bcrypt'
> Module 'nfs' has failed dependency: No module named 'bcrypt'
> Module 'orchestrator' has failed dependency: No module named 'bcrypt'
> Module 'pg_autoscaler' has failed dependency: No module named 'bcrypt'
> Module 'progress' has failed dependency: No module named 'bcrypt'
> Module 'rbd_support' has failed dependency: No module named 'bcrypt'
> Module 'restful' has failed dependency: No module named 'bcrypt'
> Module 'status' has failed dependency: No module named 'bcrypt'
> Module 'telemetry' has failed dependency: No module named 'bcrypt'
> Module 'volumes' has failed dependency: No module named 'bcrypt'
Backport of #56509 in reef didn't include the Table Schema in the
utils.libsonnet because of which the json generation ias failing. This
PR tends to add the Table Schema
Afreen [Wed, 27 Mar 2024 09:35:58 +0000 (15:05 +0530)]
mgr/dashboard:Use advanced fieldset for rbd image
Fixes https://tracker.ceph.com/issues/65025
- using cd-advanced-fieldset component for advanced section
- this will align advanced sections of forms in dashboard
- changed heading of sections of rbd-configuration to h5 to better represent it
as a sub section.
- added unit tests for rbd image config
Afreen [Mon, 25 Mar 2024 08:39:08 +0000 (14:09 +0530)]
mgr/dashboard:Update encryption and tags in bucket form
Fixes https://tracker.ceph.com/issues/65110
- renamed Security to Encryption
- aligned security fieldset with rest of the form using `cd-help-text`
and aligning it with object locking in UX
- aligned security fieldset top use `cd-help-text`
- changed help text of Tags
Afreen [Fri, 1 Mar 2024 07:26:25 +0000 (12:56 +0530)]
mgr/dashboard: Add advanced fieldset component
Fixes https://tracker.ceph.com/issues/65024
- adds a new shared component for displaying advanced fields in /shared
- utilizes that component in bucket form
- placement targets are under advanced fieldset
- minor help text changes in object locking help text
- updated e2e tests
This commit is not a backport but a new commit to fix the code present
on Reef branch but not present in release branches after Reef. At least
some of these issues were exposed during QA done for the backport.
Rishabh Dave [Sat, 24 Jun 2023 04:17:12 +0000 (09:47 +0530)]
AuthMonitor: no need to check permission in MDS caps
For "fs authorize" command, AuthMonitor.cc checks if permissions is "r"
or begins with "rw". This check is redundant now.
AuthMonitor::valid_caps() runs MDSAuthCaps.parse() which now runs same
check for the MDS caps, regardless of the command.
Rishabh Dave [Fri, 9 Jun 2023 18:54:12 +0000 (00:24 +0530)]
MDSAuthCaps: print a special error message for wrong permissions
Permissions mentioned in MDS caps flags can either begin with "r" or
"rw", or can be "*" and "all". But it can't start with or be just "w" or
something else. This is confusing for some CephFS users since MON caps
can be just "w".
Command "ceph fs authorize" complains about this to the user. But other
commands (specifically, "ceph auth add", "ceph auth caps",
"ceph auth get-or-create" and "ceph auth get-or-create-key") don't. Make
these commands too print a helpful message, the way "ceph fs authorize"
command does.
Fixes: https://tracker.ceph.com/issues/61666 Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit f163dd3ef1fd9f05f05fa50eda9993225770d524)
Conflicts:
src/mds/MDSAuthCaps.cc
"std::string" was replace "string" in main but that's not the case
in Reef.
Rishabh Dave [Sat, 24 Jun 2023 17:11:07 +0000 (22:41 +0530)]
qa/ceph_test_case: add a method to negative test Ceph commands
Also, add comments to explain the users the arguments are accepted by
run_ceph_cmd(), get_ceph_cmd_result(), get_ceph_cmd_stdout() and
negtest_ceph_cmd() methods of class RunCephCmd.
Rishabh Dave [Wed, 9 Aug 2023 12:40:32 +0000 (18:10 +0530)]
qa: inherit RunCephCmd in CephTestCase instead of CephFSTestCase
MgrTestCase also needs RunCephCmd. If RunCephCmd is inherited by
CephTestCase, instead of CephFSTestCase, MgrTestCase will automatically
inherit RunCephCmd because it inhertis CephTestCase.
Fixes: https://tracker.ceph.com/issues/62084 Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 4b369cf18ed1391a426ab4ae86da834e9c074f81)
Rishabh Dave [Mon, 27 Mar 2023 06:21:16 +0000 (11:51 +0530)]
qa/cephfs: use run_ceph_cmd() when cmd output is not needed
In filesystem.py and wherever instance of class Filesystem are used, use
run_ceph_cmd() instead of get_ceph_cluster_stdout() when output of Ceph
command is not required.
Rishabh Dave [Mon, 27 Mar 2023 06:09:11 +0000 (11:39 +0530)]
qa/cephfs: add helper methods to filesystem.py
Add run_ceph_cmd(), get_ceph_cmd_stdout() and get_ceph_cmd_result() to
class Filesystem so that running Ceph command is easier. This affects
not only methods inside class Filesystem but also methods elsewhere that
uses instance of class Filesystem to run Ceph commands.
Instead of "self.fs.mon_manager.raw_cluster_cmd()" writing
"self.fs.run_ceph_cmd()" will suffice.
Conflicts:
qa/tasks/cephfs/test_mirroring.py
- Commit e4dd0e41a3a0 was not present on main but it is now
present on main as well as on Reef, which leads to conflict.
- The line located right before one of the patches in this
commit was modified in latest Reef branch, thus creating
conflict when PR branch was rebased on latest Reef.
Rishabh Dave [Thu, 16 Mar 2023 10:02:39 +0000 (15:32 +0530)]
qa/cephfs: add and use get_ceph_cmd_stdout()
Add method get_ceph_cmd_stdout() to class CephFSTestCase so that one
doesn't have to type something as long as
"self.mds_cluster.mon_manager.raw_cluster_cmd()" to execute a
command and get its output. And delete and replace
CephFSTestCase.run_cluster_cmd() too.
Conflicts:
qa/tasks/cephfs/caps_helper.py
- This file is very different in Reef.
qa/tasks/cephfs/test_mirroring.py
- Commit e4dd0e41a3a0 was not present on main but it is now
present on main as well as on Reef, which leads to conflict.
- On Reef branch, the line before that patch in this commit was
thus creating a conflict when the PR branch for this commit
series was rebased on latest Reef.
Rishabh Dave [Thu, 16 Mar 2023 09:41:08 +0000 (15:11 +0530)]
qa/cephfs: add and use run_ceph_cmd()
Instead of writing something as long as
"self.mds_cluster.mon_manager.run_cluster_cmd()" to execute a command,
let's add a helper method to class CephFSTestCase and use it instead.
With this, running a command becomes simple - "self.run_ceph_cmd()".
Conflicts:
qa/tasks/cephfs/test_damage.py
This file is slightly different because this commit c8f8324ee2fae48e8d3c2bbdbf45cc9ffe46fd4c was merged on main and
backported after the commit being cherry-picked here was merged
in main.
Rishabh Dave [Tue, 14 Mar 2023 19:43:56 +0000 (01:13 +0530)]
qa/cephfs: add and use get_ceph_cmd_result()
To run a command and get its return value, instead of typing something
as long as "self.mds_cluster.mon_manager.raw_cluster_cmd_result" add a
hepler method in CephFSTestCase and use it. This makes this task very
simple - "self.get_ceph_cmd_result()".
Also, remove method CephFSTestCase.run_cluster_cmd_result() in favour of
this new method.
Rishabh Dave [Mon, 13 Mar 2023 13:05:50 +0000 (18:35 +0530)]
qa/cephfs: create CephManager instance in CephFSTestCase
To run a Ceph command conveniently, run_cluster_cmd(), raw_cluster_cmd()
or raw_cluster_cmd_result() must be called. These methods are available
in class CephManager which in turn is available only if an instance of
Filesystem, MDSCluster, CephCluster or MgrCluster is initialized. Having
an instance of CephManager in CephFSTestCase will provide easy access to
these methods.
For example, in CephFS tests writing "self.mon_manager.raw_cluser_cmd()"
instead of writing "self.mds_cluster.mon_manager.raw_cluster()" will
suffice.
This commit provides a basis for upcoming commits in this patch series.
With next patches, running Ceph command will be further simplified. Just
writing self.run_ceph_cmd() will suffice for running a CephFS command.
Patrick Donnelly [Tue, 27 Feb 2024 00:44:27 +0000 (19:44 -0500)]
mds: skip sr moves when target is an unlinked dir
A directory in the stray directory cannot have any HEAD inodes with caps so
there is no need to move anything to the snaprealm opened for the unlinked
directory.
Following the parent commit's reproducer, the behavior now looks expectedly like:
Discussions with Dan van der Ster led to the creation of this patch.
Fixes: https://tracker.ceph.com/issues/53192 Signed-off-by: Patrick Donnelly <pdonnell@redhat.com> Signed-off-by: Dan van der Ster <dan.vanderster@clyso.com>
(cherry picked from commit c190a3f1633e9282772e5ec54fe10556856a2540)
Patrick Donnelly [Fri, 12 Nov 2021 00:43:27 +0000 (19:43 -0500)]
mds: memoize descendent results during realm splits
This change uses an unordered_map to memoize results of CInode::is_ancestor_of
so that subsequent invocations can skip directory inodes which are already
known to not be a descendent of the target directory.
In the worst case, this unordered_map can grow to the number of inodes in
memory when all inodes are directories and at least one client has a cap for
each inode. However, in general this will not be the case. The size of each
entry in the map will be a 64-bit pointer and bool. The total size will vary
across platforms but we can say that with a conservative estimate of 192 bits /
entry overhead (including the entry linked list pointer in the bucket), the map
will grow to ~24MB / 1M inodes.
The result of this change is not eye-popping but it does have a significant performance advantage.
For an unpatched MDS with 1M inodes with caps in the global snaprealm (with debugging commits preceding this one):
or about 1,338ms. This caused a split of 100k inodes. This takes more time
because directories are actually moved to the snaprealm with a lot of list
twiddling for caps.
or about 840ms. This can be easily done by making a directory in one of the
trees created (see reproducer below).
Reproducing can be done with:
for ((i =0; i < 10; i++)); do (pushd $(mktemp -d -p . ); for ((j = 0; j < 30; ++j)); do mkdir "$j"; pushd "$j"; done; for ((j = 0; j < 10; ++j)); do for ((k = 0; k < 10000; ++k)); do mkdir $j.$k; done & done) & done
to make 1M directories. We put the majority of directories in a 30-deep nesting
to exercise CInode::is_ancestor_of with some worst-case type scenario.
Make sure all debugging configs are disabled for the MDS/clients. Make sure the
client has a cache size to accomodate 1M caps. Make at least one snapshot:
It is not necessary to delete any snapshots to reproduce this behavior. It's
only necessary to have a lot of inodes_with_caps in a snaprealm and effect a
split.
Fixes: https://tracker.ceph.com/issues/53192 Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
(cherry picked from commit a0ccb79fa0806792c7ee666c667328a8aeb09e97)
Aashish Sharma [Wed, 4 Oct 2023 09:07:42 +0000 (14:37 +0530)]
mgr/dashboard: upgrade from old 'graph' type panels to the new
'timeseries' panel
The graph panel type is deprecated, and disappears after Grafana v9.1 (current version is 10.0) to prevent more old type panels being created. These should be migrated to the timeseries panel type, to avoid potential problems with future Grafana versions.
* refs/pull/56479/head:
pybind/mgr/devicehealth: skip legacy objects that cannot be loaded
qa: test devicehealth legacy load of deleted snap obj
qa: allow failing whatever the active mgr is
qa: add unit tests for MgrMap down flag
mon/MgrMonitor: add "down" setting to simplify testing
Afreen [Fri, 1 Mar 2024 07:26:25 +0000 (12:56 +0530)]
mgr/dashboard:Mark placement targets as non-required in bucket form
Fixes https://tracker.ceph.com/issues/64708
- adds info text explaining about placement targets
- adds fieldset to security, policy and tags for a11y
- removes placement target as required field
- when no placement target provided, request omits placement_target
field
- hides placement atrgets ection for edit form since its not possible to
edit after creation
- updates rgw-bucket.service.spec.ts unit test
- minor cleanups related to unncesseary css present, and changes in help
text for object locking
- updated e2e tests for buckets to incorporate changes
projects / ceph.git / log