On Mi, 2016-12-14 at 18:01 +0100, Ilya Dryomov wrote: > On Wed, Dec 14, 2016 at 5:10 PM, Bjoern Laessig <b.laessig@xxxxxxxxxxxxxx> wrote: > > i triggered a Kernel bug in the ceph-krbd code > > * http://www.spinics.net/lists/ceph-devel/msg33802.html > > The fix is ready and is set to be merged into 4.10-rc1. > > How often can you hit it? I cannot hit it. My kernel guy says it is more probable, that the server room burns down before that happens again. But if you send me the patch at least i can test it on top of 4.9. The whole disabling-cephx-sign-message thing is a test, whether i *can* disable it, if it happens again. > > Actually i do not have to delete the logfiles every 12 hours, so my pain > > has gone but its a workaround for a workaround. That is painful. What > > could i do to disable cephx-message-signing only for the krbd clients? > > I don't think you can enable/disable message signing on a per > connection basis - once the feature bit is negotiated, messengers on > both sides expect everything to be signed. Feature bits are static and > the MSG_AUTH feature bit is enabled since bobtail and kernel 3.19. > > It has to be disabled both on the server side (via ceph.conf, all > daemons need to be restarted) and on the client side (via rbd map -o > nocephx_sign_messages). I will not disable security Foo. It is simple to disable, but often it is huge mess to enable it again. > Suppressing logging is obviously the wrong thing to do here ;) Definitively you're right, but i sleep well in silence. Thanks, Björn _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |