1464957 – [RFE] Simplified RBD client key creation

Bug 1464957 - [RFE] Simplified RBD client key creation

Summary: [RFE] Simplified RBD client key creation

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	RBD
Sub Component:
Version:	3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	3.0
Assignee:	Jason Dillaman
QA Contact:	Parikshith
Docs Contact:	Bara Ancincova
URL:
Whiteboard:
Depends On:
Blocks:	1494421
TreeView+	depends on / blocked

Reported:	2017-06-26 09:55 UTC by John Spray
Modified:	2017-12-05 23:34 UTC (History)
CC List:	5 users (show)
Fixed In Version:	RHEL: ceph-12.1.2-1.el7cp Ubuntu: ceph_12.1.2-2redhat1xenial
Doc Type:	Enhancement
Doc Text:	.Granting access to Ceph Block Device images has been simplified The `ceph auth get-or-create` command now supports two profiles, `rbd` and `rbd-read-only`. When using these profiles, `cephx` capabilities are created automatically without the need to specify them directly. For example, to create a `client.1` user with required capabilities for Monitors and OSDs: ---- ceph auth get-or-create client.1 mon 'profile rbd' osd 'profile rbd [pool=<pool>]' ---- OSDs support the `rbd` and `rbd-read-only` profiles. Monitors support only the `rbd` profile.
Clone Of:
Environment:
Last Closed:	2017-12-05 23:34:34 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:3387	0	normal	SHIPPED_LIVE	Red Hat Ceph Storage 3.0 bug fix and enhancement update	2017-12-06 03:03:45 UTC

Description John Spray 2017-06-26 09:55:11 UTC

A command for granting access to RBD images in a particular pool, without the user having to touch auth cap syntax.

Comment 4 Jason Dillaman 2017-07-11 14:37:36 UTC

In-progress as part of the Luminous release. RBD clients can now be defined using a simplified syntax:

ceph auth get-or-create client.<ID> mon 'profile rbd' osd 'profile rbd[ pool=<pool>][, profile ...]'

The OSD has two possible profiles: rbd and rbd-read-only
The MON has a single possible profile: rbd

Comment 22 errata-xmlrpc 2017-12-05 23:34:34 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3387

Note You need to log in before you can comment on or make changes to this bug.