From 50da6257b5004ac341c538d24df0424278db3fb5 Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Tue, 7 Aug 2018 12:59:25 -0500 Subject: [PATCH] mon: only share monmap after authenticated It is no longer necessary to fetch a monmap pre-authentication, something we previous did for get_monmap_privately(). New code has replaced this with get_monmap_and_config(), and it authenticates in order to get that same information (plus configs). That change was made in mimic, but we must support upgrades from N-2, which means that luminous daemons still need to function. The only caller for get_monmap_privately() in luminous is from ceph-osd during mkfs. Disabling this here means that new OSDs cannot be created using nautilus mons and a luminous ceph-osd. Include a note for the (future) nautilus upgrade notes. Reported-by: Christopher Ryan Harrell Signed-off-by: Sage Weil --- PendingReleaseNotes | 13 +++++++++++++ src/mon/Monitor.cc | 15 ++++----------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/PendingReleaseNotes b/PendingReleaseNotes index ae5a1b3e33cbb..1742eaa6fe34f 100644 --- a/PendingReleaseNotes +++ b/PendingReleaseNotes @@ -36,3 +36,16 @@ * The ``osd_heartbeat_addr`` option has been removed as it served no (good) purpose: the OSD should always check heartbeats on both the public and cluster networks. + + + + + + + +Upgrading from Luminous +----------------------- + +* During the upgrade from luminous to nautilus, it will not be possible to create + a new OSD using a luminous ceph-osd daemon after the monitors have been + upgraded to nautilus. diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc index 687be108770be..a81f8cfc6632c 100644 --- a/src/mon/Monitor.cc +++ b/src/mon/Monitor.cc @@ -4111,17 +4111,6 @@ void Monitor::dispatch_op(MonOpRequestRef op) case CEPH_MSG_PING: handle_ping(op); return; - - /* MMonGetMap may be used by clients to obtain a monmap *before* - * authenticating with the monitor. We need to handle these without - * checking caps because, even on a cluster without cephx, we only set - * session caps *after* the auth handshake. A good example of this - * is when a client calls MonClient::get_monmap_privately(), which does - * not authenticate when obtaining a monmap. - */ - case CEPH_MSG_MON_GET_MAP: - handle_mon_get_map(op); - return; } if (!op->get_session()->authenticated) { @@ -4132,6 +4121,10 @@ void Monitor::dispatch_op(MonOpRequestRef op) } switch (op->get_req()->get_type()) { + case CEPH_MSG_MON_GET_MAP: + handle_mon_get_map(op); + return; + case MSG_GET_CONFIG: configmon()->handle_get_config(op); return; -- 2.39.5