Bug 2277830

Summary: cephadm: nvmeof: update auth to "osd - profile rbd"
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Ernesto Puerta <epuertat>
Component: CephadmAssignee: Adam King <adking>
Status: CLOSED ERRATA QA Contact: Manasa <mgowri>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 7.1CC: cephqe-warriors, kramaswa, mgowri, mmurthy, mobisht, sunnagar, tserlin, vereddy
Target Milestone: ---   
Target Release: 7.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-18.2.1-164.el9cp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-06-13 14:32:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ernesto Puerta 2024-04-29 16:16:40 UTC 
Description of problem:

RBD snapshots are rejected by OSDs.

Steps to Reproduce:
1. Create rbd image
2. Create rbd snap
3.

Actual results:

Failure (rejection by OSD)

Expected results:

Success.


Additional info:

Following line needs to be fixed with "osd" "profile rbd": https://github.com/ceph/ceph/blob/14f956b95eb2902d7a33b1026c450cb388ada113/src/pybind/mgr/cephadm/services/nvmeof.py#L35
Comment 1 Ernesto Puerta 2024-04-30 09:04:34 UTC 
*** Bug 2277924 has been marked as a duplicate of this bug. ***
Comment 6 Manasa 2024-05-13 08:02:26 UTC 
Hi Ernesto,

Could you please provide more description on what the issue was here and what was the fix provided? Also the steps to reproduce and verify this bug?

Regards,
Manasa Gowri
Comment 8 Sunil Kumar Nagaraju 2024-05-29 15:04:12 UTC 
Now by default the "profile rbd" is set for OSD capabilities as below,

client.nvmeof.rbd.ceph-sunilkumar-01-2d2ssd-node6.uqkbhr
	key: AQCAJE5mFVzNNxAABu6GNfKM5FXwSe5kKMi9Tw==
	caps: [mon] profile rbd
	caps: [osd] profile rbd

And I was able to create snapshot on the image from Vpshere plugin side w/o updating the auth.


Hence verifying with above note in 18.2.1-191 build.
Comment 9 errata-xmlrpc 2024-06-13 14:32:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Critical: Red Hat Ceph Storage 7.1 security, enhancements, and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:3925