Bug 2267763

Summary: [NFS-Ganesha] [Dashboard] Enable support in Ceph Dashboard to create ganesha export with v3 enabled
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Manisha Saini <msaini>
Component: Ceph-DashboardAssignee: avan <athakkar>
Status: CLOSED ERRATA QA Contact: Manisha Saini <msaini>
Severity: urgent Docs Contact: Akash Raj <akraj>
Priority: unspecified    
Version: 7.1CC: akraj, anbehl, athakkar, ceph-eng-bugs, cephqe-warriors, tserlin
Target Milestone: ---   
Target Release: 7.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-18.2.1-106.el9cp Doc Type: Enhancement
Doc Text:
.Ceph dashboard now supports NFSv3-based exports in Ceph dashboard With this enhancement, support is enabled for NFSv3-based export management in the Ceph dashboard.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2024-06-13 14:28:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2267614, 2298578, 2298579    

Description Manisha Saini 2024-03-04 18:17:44 UTC 
Description of problem:
========

Presently, the dashboard only allows the creation of new exports using protocol v4. However, with RHCS 7.1, additional support for "vers=3" is provided. To ensure v3 support from the customer's perspective, users should be empowered to configure v3 exports via the dashboard.


Version-Release number of selected component (if applicable):
=========
# ceph --version
ceph version 18.2.1-42.el9cp (99eeea5747b2d0f6873630efda2d6d2d50d7ae61) reef (stable)


How reproducible:


Steps to Reproduce:
=========
1. Bootstrap the cluster with Dashboard enabled
2. Create ganesha cluster
3. Create ganesha export supporting v3 mount via Dashboard

Actual results:
========
Unable to create export with v3 enable via Dashboard. Only v4 exports are created via dashboard as of now.


Expected results:
========
User should be allowed to configure the ganesha v3 export


Additional info:
Comment 3 Manisha Saini 2024-04-04 03:45:05 UTC 
Verified this BZ with

# ceph --version
ceph version 18.2.1-116.el9cp (7709f0c4c90984d791f2f37b5672d6be5a8a6986) reef (stable)

# rpm -qa | grep nfs
libnfsidmap-2.5.4-20.el9.x86_64
nfs-utils-2.5.4-20.el9.x86_64
nfs-ganesha-selinux-5.7-3.el9cp.noarch
nfs-ganesha-5.7-3.el9cp.x86_64
nfs-ganesha-rgw-5.7-3.el9cp.x86_64
nfs-ganesha-ceph-5.7-3.el9cp.x86_64
nfs-ganesha-rados-grace-5.7-3.el9cp.x86_64
nfs-ganesha-rados-urls-5.7-3.el9cp.x86_64


# ceph nfs cluster ls
[
  "nfsganesha1"
]

# ceph nfs cluster info nfsganesha1
{
  "nfsganesha1": {
    "backend": [
      {
        "hostname": "argo016",
        "ip": "10.8.128.216",
        "port": 2049
      }
    ],
    "monitor_port": 9049,
    "port": 12049,
    "virtual_ip": "10.8.128.200"
  }
}


Scenario 1: Default setting export created from dashboard:

=============

# ceph nfs export info nfsganesha1 /ganesha1
{
  "access_type": "RW",
  "clients": [],
  "cluster_id": "nfsganesha1",
  "export_id": 1,
  "fsal": {
    "cmount_path": "/",
    "fs_name": "cephfs",
    "name": "CEPH",
    "user_id": "nfs.nfsganesha1.cephfs"
  },
  "path": "/",
  "protocols": [
    3,
    4
  ],
  "pseudo": "/ganesha1",
  "security_label": false,
  "squash": "no_root_squash",
  "transports": [
    "TCP",
    "UDP"
  ]
}

Scenario 2: Only v3 enabled export created from dashboard
===================

# ceph nfs export info nfsganesha1 /ganesha2
{
  "access_type": "RW",
  "clients": [],
  "cluster_id": "nfsganesha1",
  "export_id": 2,
  "fsal": {
    "cmount_path": "/",
    "fs_name": "cephfs",
    "name": "CEPH",
    "user_id": "nfs.nfsganesha1.cephfs"
  },
  "path": "/",
  "protocols": [
    3
  ],
  "pseudo": "/ganesha2",
  "security_label": false,
  "squash": "no_root_squash",
  "transports": [
    "TCP",
    "UDP"
  ]
}

Scenario 3: Only v4 enabled export created from dashboard
==========================

# ceph nfs export info nfsganesha1 /ganesha3
{
  "access_type": "RW",
  "clients": [],
  "cluster_id": "nfsganesha1",
  "export_id": 3,
  "fsal": {
    "cmount_path": "/",
    "fs_name": "cephfs",
    "name": "CEPH",
    "user_id": "nfs.nfsganesha1.cephfs"
  },
  "path": "/",
  "protocols": [
    4
  ],
  "pseudo": "/ganesha3",
  "security_label": false,
  "squash": "no_root_squash",
  "transports": [
    "TCP",
    "UDP"
  ]
}


Mounting of all exports on client was successful
===========================


[root@argo021 mnt]# mount -t nfs -o vers=3 10.8.128.200:/ganesha1 /mnt/ganesha/
[root@argo021 mnt]# umount /mnt/ganesha
[root@argo021 mnt]# mount -t nfs -o vers=3 10.8.128.200:/ganesha2 /mnt/ganesha/
[root@argo021 mnt]# umount /mnt/ganesha
[root@argo021 mnt]# mount -t nfs -o vers=3 10.8.128.200:/ganesha3 /mnt/ganesha/ --> Only v4 enabled export
mount.nfs: access denied by server while mounting 10.8.128.200:/ganesha3
[root@argo021 mnt]# mount -t nfs -o vers=4 10.8.128.200:/ganesha3 /mnt/ganesha/
[root@argo021 mnt]# umount /mnt/ganesha
Comment 6 errata-xmlrpc 2024-06-13 14:28:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Critical: Red Hat Ceph Storage 7.1 security, enhancements, and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:3925