Our documented process is to create a new cephx user (e.g. client.libvirt) and libvirt / QEMU will then use that client (and its configuration file settings) since you probably don't want to be running with admin credentials [1]. You can create a "[client]" section as a catch-all in addition to user-specific sections like "[client.libvirt]". [1] http://docs.ceph.com/docs/master/rbd/libvirt/ On Mon, Aug 1, 2016 at 4:18 PM, Gregory Farnum <gfarnum@xxxxxxxxxx> wrote: > On Mon, Aug 1, 2016 at 12:25 PM, Ken Dreyer <kdreyer@xxxxxxxxxx> wrote: >> With the new unprivileged user support in Jewel, I'm seeing some >> issues with logging and file permissions. >> >> ceph-ansible always configures client logging on every cluster node, like so: >> >> [client] >> log file = /var/log/ceph/qemu-guest-$pid.log >> >> As a result, every single client command (eg "ceph health") will >> create a new root-owned "qemu-guest-$pid" log file (which leads to >> issues with logrotate failing to rotate the root-owned files in the >> diretory...) >> >> It's clear we need to remove that bit from the ceph.conf files that >> ceph-ansible writes, but I'm wondering what it *should* be? >> >> Is there a more granular way to configure Ceph so that we only log >> qemu/librbd interactions to qemu-guest-$pid, rather than all client >> logs? > > I don't know the full toolchain these all use (is this for teuthology > or a wider thing?), but generally: > * you can specify different config files on the command line when the > client starts > * you can specify override config values of any kind on the command > line when a client starts > * I believe that QEMU/KVM configs for CephFS let you specify config > values independently > * I think(?) you can specify config "sections" based on specific > client IDs, not just the [client] type > > So I'd look into whichever of those options is most convenient. :) > -Greg > -- > To unsubscribe from this list: send the line "unsubscribe ceph-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Jason -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
