Re: Creating new user to mount cephfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Apr 7, 2016 at 10:02 AM, Nate Curry <curry@xxxxxxxxxxxxx> wrote:
> I am trying to get cephfs mounted as a user other than client.admin in order
> to avoid putting the admin keyring on the client host.  When I try to
> connect with that user and keyring I am getting the following error:
>
> mount error 13 = Permission denied
>
> I am following the exact instructions that Karan Singh put in Ceph Cookbook
> but they do not seem to work.  I checked the errata but didn't see any
> mention of there being any errors.  It might be important to state that I am
> using Jewel and am not sure if there would be a difference.  I followed the
> steps to create the osd pools for data and metadata, created the filesystem,
> then created a user which has rwx access to both pools as follows:
>
> ceph auth get-or-create client.cephfs mon 'allow r' osd 'allow rwx
> pool=cephfs_metadata,allow rwx pool=cephfs_data' -o
> /etc/ceph/client.cephfs.keyring
>
> I then write out the keyring in /etc/ceph/ before I transfer it to my cephfs
> client host:
>
> ceph-authtool -p -n client.cephfs /etc/ceph/client.cephfs.keyring >
> /etc/ceph/client.cephfs
>
> I then put the key in a file (cephfs.key) to be used to mount the filesystem
> instead of specifying the key on the command like or during startup. When I
> try to mount the filesystem as the root user using the following command I
> get the above error.
>
> mount -t ceph mon2:6789:/ /data -o
> name=cephfs,secretfile=/etc/ceph/cephfs.key
>
> From what I can tell it looks like the user is created properly and ceph
> auth list shows that it has permissions to the pools:
>
> client.cephfs
>     key: #############################
>     caps: [mon] allow r
>     caps: [osd] allow rwx pool=datastore_metadata,allow rwx
> pool=datastore_data
>
>
> Could someone tell me what else I would need to give the user permission to
> in order to be able to mount the filesystem?

You need an MDS stanza. See http://docs.ceph.com/docs/master/cephfs/client-auth/
-Greg
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux