From d72f1512bc6c97ceb0f7a8c35fe405ca658081df Mon Sep 17 00:00:00 2001 From: John Mulligan Date: Fri, 11 Apr 2025 13:02:15 -0400 Subject: [PATCH] mgr/cephadm: do not delete smb fs cephx keys This change effectively disables fencing for the smb service because the previous attempt to implement fencing would destroy the only cephx key. Deleting this key would prevent any smb service part of the logical cluster from talking to cephfs, even ones that were not to be fenced. The whole concept of fencing and ranks needs a bit of a rethink in regards to smb. For now, we're just going to rely on ctdb and not cephadm for smb's HA. Fixes: 60300360cc500091e9dadf929d00bb72afad033c Signed-off-by: John Mulligan --- src/pybind/mgr/cephadm/services/smb.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/src/pybind/mgr/cephadm/services/smb.py b/src/pybind/mgr/cephadm/services/smb.py index 6b5b132cd0f60..0b8c8cf569f9e 100644 --- a/src/pybind/mgr/cephadm/services/smb.py +++ b/src/pybind/mgr/cephadm/services/smb.py @@ -34,11 +34,9 @@ class SMBService(CephService): return 'clustered' in smb_spec.features def fence(self, daemon_id: str) -> None: - logger.info(f'Fencing old smb.{daemon_id}') - ret, out, err = self.mgr.mon_command({ - 'prefix': 'auth rm', - 'entity': f'client.smb.fs.cluster.{daemon_id}', - }) + # ... but fencing still wont do anything real, because we + # do not have per-service keys. but logging is fun + logger.debug('Will not fence key for smb cluster %r', daemon_id) def fence_old_ranks( self, @@ -47,11 +45,11 @@ class SMBService(CephService): num_ranks: int, ) -> None: smb_spec = cast(SMBSpec, spec) + logger.info('Fencing called for smb.%s', smb_spec.cluster_id) for rank, m in list(rank_map.items()): if rank >= num_ranks: for daemon_id in m.values(): if daemon_id is not None: - logger.info(f'Fencing old smb.{smb_spec.cluster_id}') self.fence(smb_spec.cluster_id) del rank_map[rank] self.mgr.spec_store.save_rank_map(spec.service_name(), rank_map) @@ -60,7 +58,6 @@ class SMBService(CephService): for gen, daemon_id in list(m.items()): if gen < max_gen: if daemon_id is not None: - logger.info(f'Fencing old smb.{smb_spec.cluster_id}') self.fence(smb_spec.cluster_id) del rank_map[rank][gen] self.mgr.spec_store.save_rank_map(spec.service_name(), rank_map) -- 2.39.5