You are correct sir. I modified the user capabilities by adding the mds cap with the 'allow r' permission using the following command.
ceph auth caps client.cephfs mon 'allow r' mds 'allow r' osd 'allow rwx pool=cephfs_metadata,allow rwx pool=cephfs_data'
Thanks,
Nate Curry
On Thu, Apr 7, 2016 at 1:06 PM, Gregory Farnum <gfarnum@xxxxxxxxxx> wrote:
You need an MDS stanza. See http://docs.ceph.com/docs/master/cephfs/client-auth/On Thu, Apr 7, 2016 at 10:02 AM, Nate Curry <curry@xxxxxxxxxxxxx> wrote:
> I am trying to get cephfs mounted as a user other than client.admin in order
> to avoid putting the admin keyring on the client host. When I try to
> connect with that user and keyring I am getting the following error:
>
> mount error 13 = Permission denied
>
> I am following the exact instructions that Karan Singh put in Ceph Cookbook
> but they do not seem to work. I checked the errata but didn't see any
> mention of there being any errors. It might be important to state that I am
> using Jewel and am not sure if there would be a difference. I followed the
> steps to create the osd pools for data and metadata, created the filesystem,
> then created a user which has rwx access to both pools as follows:
>
> ceph auth get-or-create client.cephfs mon 'allow r' osd 'allow rwx
> pool=cephfs_metadata,allow rwx pool=cephfs_data' -o
> /etc/ceph/client.cephfs.keyring
>
> I then write out the keyring in /etc/ceph/ before I transfer it to my cephfs
> client host:
>
> ceph-authtool -p -n client.cephfs /etc/ceph/client.cephfs.keyring >
> /etc/ceph/client.cephfs
>
> I then put the key in a file (cephfs.key) to be used to mount the filesystem
> instead of specifying the key on the command like or during startup. When I
> try to mount the filesystem as the root user using the following command I
> get the above error.
>
> mount -t ceph mon2:6789:/ /data -o
> name=cephfs,secretfile=/etc/ceph/cephfs.key
>
> From what I can tell it looks like the user is created properly and ceph
> auth list shows that it has permissions to the pools:
>
> client.cephfs
> key: #############################
> caps: [mon] allow r
> caps: [osd] allow rwx pool=datastore_metadata,allow rwx
> pool=datastore_data
>
>
> Could someone tell me what else I would need to give the user permission to
> in order to be able to mount the filesystem?
-Greg
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
