From 10245a7ffba8bd045012006fcaa7e2e875d831ee Mon Sep 17 00:00:00 2001 From: Varsha Rao Date: Tue, 12 Jan 2021 14:01:55 +0530 Subject: [PATCH] pybind/volumes/nfs: set mds caps according to user specified access type Signed-off-by: Varsha Rao --- src/pybind/mgr/volumes/fs/nfs.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/pybind/mgr/volumes/fs/nfs.py b/src/pybind/mgr/volumes/fs/nfs.py index 699e4852316f..b9a16c974fd3 100644 --- a/src/pybind/mgr/volumes/fs/nfs.py +++ b/src/pybind/mgr/volumes/fs/nfs.py @@ -463,14 +463,16 @@ class FSExport(object): except KeyError: pass - def _create_user_key(self, entity, path, fs_name): + def _create_user_key(self, entity, path, fs_name, fs_ro): osd_cap = 'allow rw pool={} namespace={}, allow rw tag cephfs data={}'.format( self.rados_pool, self.rados_namespace, fs_name) + access_type = 'r' if fs_ro else 'rw' ret, out, err = self.mgr.check_mon_command({ 'prefix': 'auth get-or-create', 'entity': 'client.{}'.format(entity), - 'caps': ['mon', 'allow r', 'osd', osd_cap, 'mds', 'allow rw path={}'.format(path)], + 'caps': ['mon', 'allow r', 'osd', osd_cap, 'mds', 'allow {} path={}'.format( + access_type, path)], 'format': 'json', }) @@ -563,7 +565,7 @@ class FSExport(object): if not self._fetch_export(pseudo_path): ex_id = self._gen_export_id() user_id = f"{cluster_id}{ex_id}" - user_out, key = self._create_user_key(user_id, path, fs_name) + user_out, key = self._create_user_key(user_id, path, fs_name, read_only) access_type = "RW" if read_only: access_type = "RO" -- 2.47.3