Bug 1385094

Summary: [Doc RFE] Document where the Linux Unified Key Setup (LUKS) keys are stored on the monitor node when implementing dm-crypt
Product: Red Hat Ceph Storage Reporter: Anjana Suparna Sriram <asriram>
Component: DocumentationAssignee: Bara Ancincova <bancinco>
Status: CLOSED CURRENTRELEASE QA Contact: Tejas <tchandra>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.1CC: hnallurv, kdreyer, seb
Target Milestone: rc   
Target Release: 2.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-28 09:37:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Anjana Suparna Sriram 2016-10-14 18:08:55 UTC 
Additional info:

As an administrator, I need to know where the Linux Unified Key Setup (LUKS) keys are stored on the  monitor node when implementing dm-crypt.

Document that LUKS keys are stored in the ceph-mon k/v store and not as files on /etc/ceph/.

Content Plan: https://docs.google.com/document/d/1-ZHELw4UrH4D-d8vdz3J97nsFWiQx0a48s_QfZ1clhs/edit#
Comment 3 seb 2016-10-17 09:34:58 UTC 
It's sufficient to say keys are stored in the mon k/v store.
Additionally you could say that keys can be accessed with the "client.admin" user by running the following commands:

* list the keys: "ceph config-key list"
* access a particular key: "ceph config-key get $KEY"
Comment 5 Tejas 2016-11-02 16:17:50 UTC 
The commands mentioned in the doc are working fine:
sudo ceph config-key list
[
    "dm-crypt\/osd\/2e24cba4-9c86-4716-a80d-ba5ef7e40961\/luks",
    "dm-crypt\/osd\/328e9329-f0ae-49a3-b67c-155646aa34d9\/luks",
    "dm-crypt\/osd\/557007dd-a550-454a-9444-e868cbd1168c\/luks",
    "dm-crypt\/osd\/59f9c279-e300-408f-976f-6816c5f6b04f\/luks",
    "dm-crypt\/osd\/6f7a5daa-451f-4ea9-9fd2-4a1d56d8eb98\/luks",
    "dm-crypt\/osd\/7b557345-dd7a-4c46-8904-8e14bbbe3bd7\/luks",
    "dm-crypt\/osd\/cf57decb-e222-4fa7-8443-63b71b7fa202\/luks",
    "dm-crypt\/osd\/dcd0d312-3ca8-481b-8b5a-74d3c2ce16b0\/luks",
    "dm-crypt\/osd\/e758262b-74f8-4ed0-9097-20bee8e226fe\/luks"
]

Moving the bug to verified.

Thanks,
Tejas