Jason Dillaman wrote:
One more question, how should I set profile 'rbd-read-only' properly ? I tried to set is for 'client.iso' on both 'iso' and 'jerasure21' pools, and this did not work. Set profile on both pools to 'rbd', it worked. But I don't want my iso imaged to be accidentally modified by virtual guests. Can this be solved with Ceph auth, or in some other way ? (in fact, I look for Ceph equivalent of 'chattr +i')
QEMU doesn't currently handle the case for opening RBD images in read-only mode, so if you attempt to use 'profile rbd-read-only', I suspect attempting to open the image will fail. You could perhaps take a middle ground and just apply 'profile rbd-read-only pool=jerasure21' to protect the contents of the image.
For QEMU I found that profile 'rbd-read-only' currently does not work. So, I use 'profile rbd' for both replicated and erasure pools, and hope that 'readonly' configuration in QEMU disk would help. In my past experience I found that running 'kvm ... -cdrom something.iso' sometimes would modify that .iso-file, so I had to set immutable attribute on the FS level.
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
