From 61082b3b3233568203f8c56466454975389d8f6e Mon Sep 17 00:00:00 2001 From: =?utf8?q?S=C3=A9bastien=20Han?= Date: Fri, 26 Oct 2018 14:32:49 +0200 Subject: [PATCH] mgr: only copy keys with dedicated mgr MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When collocating mon and mgr, the mgr container will attempt to create its own key since it has the admin key at its disposal. Also at this point there is nothing to fetch since the key is not created by the mons, as mentionned above the mgr creates the key on its own. Signed-off-by: Sébastien Han --- roles/ceph-mgr/tasks/common.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/ceph-mgr/tasks/common.yml b/roles/ceph-mgr/tasks/common.yml index 5f0945da2..20d608436 100644 --- a/roles/ceph-mgr/tasks/common.yml +++ b/roles/ceph-mgr/tasks/common.yml @@ -15,7 +15,7 @@ group: "{{ ceph_uid if containerized_deployment else 'ceph' }}" mode: "{{ ceph_keyring_permissions }}" with_items: - - { name: "/etc/ceph/{{ cluster }}.mgr.{{ ansible_hostname }}.keyring", dest: "/var/lib/ceph/mgr/{{ cluster }}-{{ ansible_hostname }}/keyring", copy_key: true } + - { name: "/etc/ceph/{{ cluster }}.mgr.{{ ansible_hostname }}.keyring", dest: "/var/lib/ceph/mgr/{{ cluster }}-{{ ansible_hostname }}/keyring", copy_key: "{{ True if groups.get(mgr_group_name, []) | length > 0 else False }}" } - { name: "/etc/ceph/{{ cluster }}.client.admin.keyring", dest: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" } when: - cephx @@ -29,3 +29,4 @@ mode: "{{ ceph_keyring_permissions }}" when: - cephx + - groups.get(mgr_group_name, []) | length > 0 -- 2.39.5