Bug 1544720

Summary: [ceph-ansible] [ceph-container] admin keyring is not copied on to the collocated nodes when copy_admin_key is set to true
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: subhash <vpoliset>
Component: Ceph-AnsibleAssignee: Sébastien Han <shan>
Status: CLOSED ERRATA QA Contact: subhash <vpoliset>
Severity: medium Docs Contact: Erin Donnelly <edonnell>
Priority: high    
Version: 3.0CC: adeza, aglotov, agunn, aschoen, ceph-eng-bugs, edonnell, gmeno, hnallurv, kdreyer, nthomas, pbyregow, sankarshan, shan, tpetr, vashastr, vpoliset
Target Milestone: z2   
Target Release: 3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: RHEL: ceph-ansible-3.0.31-1.el7cp Ubuntu: ceph-ansible_3.0.31-2redhat1 Doc Type: Bug Fix
Doc Text:
Previously, when using "ceph-ansible" with the "copy_admin_key" option set to "true", the administrator's keyring would not copy to the other nodes in the Ceph Storage Cluster. With this update, the "copy_admin_key" option works as expected when set to "true".
Story Points: ---
Clone Of:
: 1546175 (view as bug list) Environment:
Last Closed: 2018-04-26 17:38:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1553254, 1494421, 1544643, 1546175, 1557269, 1600697    
Attachments:
Description Flags
FIle contains all.yml,osds.yml,hosts,ansible-playbook log none

Description subhash 2018-02-13 11:43:15 UTC
Created attachment 1395278 [details]
FIle contains all.yml,osds.yml,hosts,ansible-playbook log

Description of problem:
The admin keyring is not copied onto the collocated nodes (rgw+osd node ,mds+osd node) even though copy_admin_key is set to true in rgws.yml and mdss.yml config file. 

Version-Release number of selected component (if applicable):
ceph-ansible-3.0.23-1.el7cp.noarch.rpm

How reproducible:
Always

Steps to Reproduce:
1. collocate RGW and MDS daemons with OSD( OSD+RGW on node & OSD+MDS on another)
2. In yaml conf file osds.yml, keep copy_admin_key to false(defaults) and in 
   rgws.yml & mdss.yml set copy_admin_key to true
3. Run ansible playbook site-docker.yml

Actual results:
admin keyring is not copied onto the collocated nodes

Expected results:
admin keyring should be copied 

Additional info:
Different values for a single parameter in mutliple files( here mdss/rgw yml and osds yml file) should have a conflict ..only one can override the other config,apparently in this case osds.yml file parameter value takes the precedence.Not sure if it is supposed to work that way and also which yml config file should take precedence in collocated scenarios either mdss/rgws.yml or osd.yml.

Comment 5 Vasishta 2018-02-15 05:35:17 UTC
User needs to copy admin keyring to RGW/MDS using scp -

From monitor node -

#scp /etc/ceph/<cluster-name>.client.admin.keyring <rgw-or-mds>:/etc/ceph/

Comment 9 Sébastien Han 2018-03-13 16:47:37 UTC
will be in v3.0.28

Comment 12 Sébastien Han 2018-04-05 09:35:37 UTC
Erin, doc is fine thanks.

Comment 13 Vasishta 2018-04-10 06:54:53 UTC
The issue has been fixed for a RGW node but we are facing same issue for MDS, clients and NFS nodes.

Moving BZ back to ASSIGNED state.

Comment 19 errata-xmlrpc 2018-04-26 17:38:39 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1259