Hi eric, thanks for the reply. As far as I can tell client.glance already already has all the rights needed to the images pool? //f > Glance needs some additional permissions including write access to the > pool > you want to add images to. See the docs at: > > http://ceph.com/docs/master/rbd/rbd-openstack/ > > Cheers, > Erik > On Apr 6, 2015 7:21 AM, <florian.rommel@xxxxxxxxxxxxxxx> wrote: > >> Hi, first off: long time reader, first time poster :).. >> I have a 4 node ceph cluster (~12TB in total) and an openstack cloud >> (juno) running. >> Everything we have is Suse based and ceph 0.80.8 >> >> Now, the cluster works fine.. : >> >> cluster 54636e1e-aeb2-47a3-8cc6-684685264b63 >> health HEALTH_OK >> monmap e1: 3 mons at >> {ceph01= >> 10.70.0.100:6789/0,ceph03=10.70.0.102:6789/0,ceph04=10.70.0.103:6789/0}, >> election epoch 6, quorum 0,1,2 ceph01,ceph03,ceph04 >> osdmap e40: 7 osds: 7 up, 7 in >> pgmap v78: 447 pgs, 5 pools, 0 bytes data, 0 objects >> 254 MB used, 12986 GB / 12986 GB avail >> 447 active+clean >> >> I also have pools for images and volumes ready: >> ceph04:~ # ceph osd lspools >> 0 data,1 metadata,2 rbd,3 volumes,4 images, >> >> and i have the keyrings and permissions done: >> >> client.admin >> key: XXXXXXXXXXXXX >> caps: [mds] allow >> caps: [mon] allow * >> caps: [osd] allow * >> client.bootstrap-mds >> key: XXXXXXXXXXXXX >> caps: [mon] allow profile bootstrap-mds >> client.bootstrap-osd >> key:XXXXXXXXXXXXX >> caps: [mon] allow profile bootstrap-osd >> client.glance >> key: XXXXXXXXXXXXX >> caps: [mon] allow r >> caps: [osd] allow class-read object_prefix rbd_children, allow >> rwx >> \ >> pool=images >> client.volumes >> key: XXXXXXXXXXXXX >> caps: [mon] allow r >> caps: [osd] allow class-read object_prefix rbd_children, allow >> rwx >> \ >> pool=volumes >> >> >> I have copied the files to the openstack glance server and in the >> ceph.conf, added the keyring sections. >> >> mon_initial_members = ceph01, ceph03, ceph04 >> mon_host = 10.70.0.100,10.70.0.102,10.70.0.103 >> auth_cluster_required = cephx >> auth_service_required = cephx >> auth_client_required = cephx >> filestore_xattr_use_omap = true >> >> [client.glance] >> keyring=/etc/glance/ceph.client.glance.keyring >> >> The glance user has permissions to read the files. >> >> Now, >> when i execute this command: >> glance image-create --name CIRROS --is-public true --disk-format qcow2 >> --container-format bare --file cirros-0.3.3-x86_64-disk.img >> >> i get as a response: >> >> <h1>500 Internal Server Error</h1> >> Failed to upload image 3fc9fe83-cc52-4481-b95c-2b5724c1d971<br /><br >> /> >> >> and in /var/log/glance/api.log I get this: >> 2015-04-06 14:15:49.097 15203 TRACE glance.api.v1.upload_utils >> features=rbd.RBD_FEATURE_LAYERING) >> 2015-04-06 14:15:49.097 15203 TRACE glance.api.v1.upload_utils File >> "/usr/lib64/python2.6/site-packages/rbd.py", line 219, in create >> 2015-04-06 14:15:49.097 15203 TRACE glance.api.v1.upload_utils raise >> make_ex(ret, 'error creating image') >> 2015-04-06 14:15:49.097 15203 TRACE glance.api.v1.upload_utils >> PermissionError: error creating image >> 2015-04-06 14:15:49.097 15203 TRACE glance.api.v1.upload_utils >> >> >> I am a bit stumped... omn the ceph cluster I see nothing in the logs. >> its >> almost as if it wont even leave from the glance server.. >> >> Any ideas here? I would really appreciate it.. >> Thanks already, >> >> //f >> >> _______________________________________________ >> ceph-users mailing list >> ceph-users@xxxxxxxxxxxxxx >> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com >> > _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |