Ah, that makes sense. Thanks for the quick reply!
Andras
On 2/6/20 11:24 AM, Jason Dillaman wrote:
On Thu, Feb 6, 2020 at 11:20 AM Andras Pataki
<apataki@xxxxxxxxxxxxxxxxxxxxx> wrote:
I'm trying to set up a cephx key to mount RBD images read-only. I have
the following two keys:
[client.rbd]
key = xxx
caps mgr = "profile rbd"
caps mon = "profile rbd"
caps osd = "profile rbd pool=rbd_vm"
[client.rbd-ro]
key = xxx
caps mgr = "profile rbd-read-only"
caps mon = "profile rbd"
caps osd = "profile rbd-read-only pool=rbd_vm"
The following works:
# rbd map --pool rbd_vm andras_test --name client.rbd
/dev/rbd0
and so does this:
# rbd map --pool rbd_vm andras_test --name client.rbd --read-only
/dev/rbd0
but the using the rbd-ro key doesn't work:
# rbd map --pool rbd_vm andras_test --name client.rbd-ro --read-only
rbd: sysfs write failed
In some cases useful info is found in syslog - try "dmesg | tail".
rbd: map failed: (1) Operation not permitted
the logs only have the following:
[1281776.788709] libceph: mon4 10.128.150.14:6789 session established
[1281776.801747] libceph: client88900164 fsid
d7b33135-0940-4e48-8aa6-1d2026597c2f
The back end of mimic 13.2.8, the kernel is the CentOS kernel
3.10.0-957.27.2.el7.x86_64
Any ideas what I'm doing wrong here?
You need kernel v5.5 or later to map an RBD image via krbd using
read-only caps [1]. Prior to this patch, krbd would be in a
quasi-read-only state internally.
Andras
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
[1] https://tracker.ceph.com/issues/42667
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
