From f1d0cdd1c09de0f3a5f1e961109e49f3f945ee28 Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Tue, 5 Jun 2018 17:30:14 -0500 Subject: [PATCH] mon: add 'osd destroy-new' command that only destroys NEW osd slots ceph-volume may run into a problem and want to clean up, but we do not want to give it blanket access to the 'osd destroy' command. Instead, make an 'osd destroy-new' that can only create new OSDs (ones that are in the process of being created but have never booted yet). Signed-off-by: Sage Weil (cherry picked from commit 547d96dc01cd913f6543528eb75bb5015e00e893) --- qa/workunits/cephtool/test.sh | 2 +- src/mon/MonCommands.h | 7 +++++++ src/mon/OSDMonitor.cc | 14 ++++++++++++-- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/qa/workunits/cephtool/test.sh b/qa/workunits/cephtool/test.sh index c92f1c0127d94..e1543b58ac99b 100755 --- a/qa/workunits/cephtool/test.sh +++ b/qa/workunits/cephtool/test.sh @@ -1334,7 +1334,7 @@ function test_mon_osd_create_destroy() expect_false ceph auth get-key client.osd-lockbox.$uuid2 expect_false ceph config-key exists dm-crypt/osd/$uuid2/luks - ceph osd destroy osd.$id2 --yes-i-really-mean-it + ceph osd destroy-new osd.$id2 --yes-i-really-mean-it ceph osd destroy $id2 --yes-i-really-mean-it ceph osd find $id2 expect_false ceph auth get-key osd.$id2 diff --git a/src/mon/MonCommands.h b/src/mon/MonCommands.h index a17ba96f32e2f..56d20ac54054f 100644 --- a/src/mon/MonCommands.h +++ b/src/mon/MonCommands.h @@ -869,6 +869,13 @@ COMMAND("osd destroy " \ "but removes cephx keys, config-key data and lockbox keys, "\ "rendering data permanently unreadable.", \ "osd", "rw", "cli,rest") +COMMAND("osd destroy-new " \ + "name=id,type=CephOsdName " \ + "name=sure,type=CephChoices,strings=--yes-i-really-mean-it,req=false", \ + "mark osd as being destroyed. Keeps the ID intact (allowing reuse), " \ + "but removes cephx keys, config-key data and lockbox keys, "\ + "rendering data permanently unreadable. Only works on new, unbooted osd ids.", \ + "osd", "rw", "cli,rest") COMMAND("osd purge " \ "name=id,type=CephOsdName " \ "name=sure,type=CephChoices,strings=--yes-i-really-mean-it,req=false", \ diff --git a/src/mon/OSDMonitor.cc b/src/mon/OSDMonitor.cc index 2cc546e5c0b57..5e8440afd29eb 100644 --- a/src/mon/OSDMonitor.cc +++ b/src/mon/OSDMonitor.cc @@ -10581,7 +10581,9 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, return true; } - } else if (prefix == "osd destroy" || prefix == "osd purge") { + } else if (prefix == "osd destroy" || + prefix == "osd purge" || + prefix == "osd destroy-new") { /* Destroying an OSD means that we don't expect to further make use of * the OSDs data (which may even become unreadable after this operation), * and that we are okay with scrubbing all its cephx keys and config-key @@ -10610,7 +10612,8 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, goto reply; } - bool is_destroy = (prefix == "osd destroy"); + bool is_destroy = (prefix == "osd destroy" || + prefix == "osd destroy-new"); if (!is_destroy) { assert("osd purge" == prefix); } @@ -10637,6 +10640,13 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, goto reply; } + if (prefix == "osd destroy-new" && + (osdmap.get_state(id) & CEPH_OSD_NEW) == 0) { + ss << "osd." << id << " is not new"; + err = -EPERM; + goto reply; + } + bool goto_reply = false; paxos->plug(); -- 2.39.5