Hello, I do not know how to restrict a client.user to a certain rbd pool where this pool has a replicated metadata pool pool.rbd and an erasure coded data pool named pool.ec . I am running ceph nautilus. I tried this for a client.user: # ceph auth caps client.user mon 'profile rbd' osd 'profile rbd pool=pool.rbd' # ceph auth get client.user > ./client.user # rbd -n client.user -k ./client.user create pool.rbd/test --size=1G --data-pool=pool.ec 2020-03-03 15:54:43.813 7f2817fff700 -1 librbd::image::ValidatePoolRequest: handle_read_rbd_info: failed to read RBD info: (1) Operation not permitted 2020-03-03 15:54:43.813 7f2817fff700 -1 librbd::image::CreateRequest: 0x563421cf4730 handle_validate_data_pool: failed to validate pool: (1) Operation not permitted rbd: create error: (1) Operation not permitted If I remove the "... pool=pool.rbd" -section in "ceph auth caps ..." call from above everything works. Any idea how I can get this setup to work? Thanks Rainer -- Rainer Krienke, Uni Koblenz, Rechenzentrum, A22, Universitaetsstrasse 1 56070 Koblenz, Tel: +49261287 1312 Fax +49261287 100 1312 Web: http://userpages.uni-koblenz.de/~krienke PGP: http://userpages.uni-koblenz.de/~krienke/mypgp.html _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |