IIRC 'ceph health mute' is new in octopus (15.2.x). But disabling the mon_warn_on_insecure_global_id_reclaim_allowed setting should be sufficient to make the cluster be quiet... On Mon, Jul 19, 2021 at 10:53 AM Siegfried Höllrigl <siegfried.hoellrigl@xxxxxxxxxx> wrote: > > Hi ! > > We have upgraded our Ceph Cluster to version 14.2.20 now. > > But we can not upgrade all clients at the moment, so we would like to > stick with the insecure global id for a while. > > > So we have set : > > ceph config set mon mon_warn_on_insecure_global_id_reclaim_allowed false > > and > > ceph config set mon auth_expose_insecure_global_id_reclaim false > > > So that the mon warning disappears. > > > > But we still have the warning about the insecure clients. > > According to https://docs.ceph.com/en/latest/security/CVE-2021-20288/ > > - this warning can be muted (for a limited time). > > But this command doesn´t seem to work : > > ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED 1w > > mute not valid: mute not in detail > Invalid command: unused arguments: [u'mute', > u'AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED', u'1w'] > health {detail} : show cluster health > Error EINVAL: invalid command > > > This is not a real problem for the moment, but it would be nice, if we > could mute this warning because our monitoring doesnt work correctly in > this case (this is checking for "health ok"). > > > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |