Unmapping is an operation local to the host and doesn't communicate with the cluster at all (at least, in the kernel you're running...in very new code it might involve doing an "unwatch", which will require communication). That means there's no need for a keyring, since its purpose is to validate communication with the cluster. -Greg On Mon, Feb 9, 2015 at 6:58 AM, Vikhyat Umrao <vumrao@xxxxxxxxxx> wrote: > Hi, > > While using rbd kernel client with cephx , admin user without admin keyring > was not able to map the rbd image to a block device and this should be the > work flow. > > But issue is once I unmap rbd image without admin keyring it is allowing to > unmap the image and as per my understanding it should not be the case , it > should not all and give error as when it has given while mapping. > > Is it a normal behaviour or I am missing something , may be needed a fix > (bug) ? > > ------------------------------------------------------------------------ > > [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ > total 16 > -rw-r--r--. 1 root root 63 Feb 9 22:30 ceph.client.admin.keyring > -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring > -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf > -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap > [ceph@dell-per620-1 ceph]$ > > > [ceph@dell-per620-1 ceph]$ sudo mv /etc/ceph/ceph.client.admin.keyring > /tmp/. > [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ > total 12 > -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring > -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf > -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap > [ceph@dell-per620-1 ceph]$ > > [ceph@dell-per620-1 ceph]$ sudo rbd map testcephx > rbd: add failed: (22) Invalid argument > > [ceph@dell-per620-1 ceph]$ sudo dmesg > [437447.308705] libceph: no secret set (for auth_x protocol) > [437447.308761] libceph: error -22 on auth protocol 2 init > [437447.308809] libceph: client4954 fsid > d57d909f-8adf-46aa-8cc6-3168974df332 > > [ceph@dell-per620-1 ceph]$ sudo mv /tmp/ceph.client.admin.keyring /etc/ceph/ > [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ > total 16 > -rw-r--r--. 1 root root 63 Feb 9 22:30 ceph.client.admin.keyring > -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring > -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf > -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap > > [ceph@dell-per620-1 ceph]$ sudo rbd map testcephx > > [ceph@dell-per620-1 ceph]$ sudo rbd showmapped > id pool image snap device > 0 rbd testcephx - /dev/rbd0 > > [ceph@dell-per620-1 ceph]$ sudo dmesg > [437447.308705] libceph: no secret set (for auth_x protocol) > [437447.308761] libceph: error -22 on auth protocol 2 init > [437447.308809] libceph: client4954 fsid > d57d909f-8adf-46aa-8cc6-3168974df332 > [437496.444701] libceph: client4961 fsid > d57d909f-8adf-46aa-8cc6-3168974df332 > [437496.447833] libceph: mon1 10.65.200.118:6789 session established > [437496.482913] rbd0: unknown partition table > [437496.483037] rbd: rbd0: added with size 0x8000000 > [ceph@dell-per620-1 ceph]$ > > [ceph@dell-per620-1 ceph]$ sudo mv /etc/ceph/ceph.client.admin.keyring > /tmp/. > [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ > total 12 > -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring > -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf > -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap > > [ceph@dell-per620-1 ceph]$ sudo rbd unmap /dev/rbd/rbd/testcephx > <--------------- If we see here it has allowed unmaping rbd image without > keyring > > [ceph@dell-per620-1 ceph]$ sudo rbd showmapped <----------- no mapped image > > ------------------------------------------------------------------------------------------------------------------------------------------------- > > Regards, > Vikhyat > > > > > > > > > > > > > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |