KRBD failed to mount rbd image if mapping it to the host with read-only option

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi everyone,

We encountered an issue with KRBD mounting after mapping it to the host with read-only option.
We try to pinpoint where the problem is, but not able to do it.

The image is mounted well if we map it without the "read-only" option.
This leads to an issue that the pod in k8s cannot use the snapshotted persistent volume created by ceph-csi rbd provisioner.
Thank you for reading.

I have reported the bug here: Bug #50234: krbd failed to mount after map image with read-only option - Ceph - Ceph<https://tracker.ceph.com/issues/50234>

Context
- Using admin keyring
- Linux Kernel: 3.10.0-1160.15.2.el7.x86_64
- Linux Distribution: Red Hat Enterprise Linux Server 7.8 (Maipo)
- Ceph version: "ceph version 14.2.8 (2d095e947a02261ce61424021bb43bd3022d35cb) nautilus (stable)"

rbd image 'csi-vol-85919409-9797-11eb-80ba-720b2b57c790':
        size 10 GiB in 2560 objects
        order 22 (4 MiB objects)
        snapshot_count: 0
        id: 533a03bba388ea
        block_name_prefix: rbd_data.533a03bba388ea
        format: 2
        features: layering
        op_features:
        flags:
        create_timestamp: Wed Apr  7 13:51:02 2021
        access_timestamp: Wed Apr  7 13:51:02 2021
        modify_timestamp: Wed Apr  7 13:51:02 2021

Bug Reproduction
# Map RBD image WITH read-only option, CANNOT mount with both readonly or readwrite option
sudo rbd device map -p k8s-sharedpool csi-vol-85919409-9797-11eb-80ba-720b2b57c790 -ro
  /dev/rbd0
sudo mount -v -r -t ext4 /dev/rbd0 /mnt/test1
  mount: cannot mount /dev/rbd0 read-only

sudo mount -v -r -t ext4 /dev/rbd0 /mnt/test1
  mount: /dev/rbd0 is write-protected, mounting read-only
  mount: cannot mount /dev/rbd0 read-only

# Map RBD image WITHOUT read-only option, CAN mount with both readonly or readwrite option
sudo rbd device map -p k8s-sharedpool csi-vol-85919409-9797-11eb-80ba-720b2b57c790
  /dev/rbd0
sudo mount -v -r -t ext4 /dev/rbd0 /mnt/test1

  mount: /mnt/test1 does not contain SELinux labels.
       You just mounted an file system that supports labels which does not
       contain labels, onto an SELinux box. It is likely that confined
       applications will generate AVC messages and not be allowed access to
       this file system.  For more details see restorecon(8) and mount(8).
  mount: /dev/rbd0 mounted on /mnt/test1.

sudo mount -v -t ext4 /dev/rbd0 /mnt/test1
  mount: /mnt/test1 does not contain SELinux labels.
       You just mounted an file system that supports labels which does not
       contain labels, onto an SELinux box. It is likely that confined
       applications will generate AVC messages and not be allowed access to
       this file system.  For more details see restorecon(8) and mount(8).
  mount: /dev/rbd0 mounted on /mnt/test1.

With my best regards,
Son Hai Ha


--
KPMG IT Service GmbH
Sitz/Registergericht: Berlin/Amtsgericht Charlottenburg, HRB 87521 B
Geschäftsführer: Hans-Christian Schwieger, Helmar Symmank
Aufsichtsratsvorsitzender: WP StB Klaus Becker
 
Allgemeine Informationen zur Datenverarbeitung im Rahmen unserer allgemeinen Geschäftstätigkeit sowie im Mandatsverhältnis gemäß EU Datenschutz-Grundverordnung sind hier <https://home.kpmg.com/content/dam/kpmg/de/pdf/Themen/2018/datenschutzinformationen-fuer-betroffene-kpmg-it-service-gmbh.pdf> abrufbar.
 
Die Information in dieser E-Mail ist vertraulich und kann dem Berufsgeheimnis unterliegen. Sie ist ausschließlich für den Adressaten bestimmt. Jeglicher Zugriff auf diese E-Mail durch andere Personen als den Adressaten ist untersagt. Sollten Sie nicht der für diese E-Mail bestimmte Adressat sein, ist Ihnen jede Veröffentlichung, Vervielfältigung oder Weitergabe wie auch das Ergreifen oder Unterlassen von Maßnahmen im Vertrauen auf erlangte Information untersagt. In dieser E-Mail enthaltene Meinungen oder Empfehlungen unterliegen den Bedingungen des jeweiligen Mandatsverhältnisses mit dem Adressaten.

The information in this e-mail is confidential and may be legally privileged. It is intended solely for the addressee. Access to this e-mail by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. Any opinions or advice contained in this e-mail are subject to the terms and conditions expressed in the governing KPMG client engagement letter.
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux