Re: specify fsname in kubernetes connection (or set default on the keyring)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Carlos

This sounds like a bug in k8s.

On 20/12/2022 07:21, Carlos Mogas da Silva wrote:

To answer my own question.

I've found this: https://github.com/kubernetes/kubernetes/issues/104095#issuecomment-1276873578

With it, we just "command inject" the correct fs to the mount command and everything works. Yeah,
it's a hack, but it works ;)


As a workaround you can specify as either of:

"name=<user>,fs=<fsname>" or "name=<user>,mds_namespace=<fsname>"
Anyway IMO the k8s should always add both the 'name=<user>' and  'fs=<fsname>' options for old mount style in the code. And for new mount style it should be '<user>@.<fsname>=<path>'
But from the above link's k8s code it mentioned I saw that the k8s is still using the old mount style, I am not familiar with the k8s code so not sure whether k8s has switched to new style or not ? 

Thanks


On Mon, 2022-12-19 at 18:21 +0000, Carlos Mogas da Silva wrote:

Hi!

I have a Ceph cluster that has 2 cephfs filesystems, and one of them is specific to the k8s
cluster.

Last time I did this I only had one, so this issue didn't exist.
I'm trying to mount the CephFS like this:

       volumes:
         - name: data
           cephfs:
             monitors:
               - 10.0.11.2
             path: /portainer
             user: k8s
             fsname: k8s
             secretRef:
               name: ceph-secret

and the k8s host has this on the /etc/ceph/ceph.client.k8s.keyring file

[client.k8s]
         key = <snip>
         caps mds = "allow rw fsname=k8s"
         caps mgr = "profile rbd pool=k8s_rbd"
         caps mon = "profile rbd, allow r fsname=k8s"
         caps osd = "profile rbd pool=k8s_rbd, allow rw tag cephfs data=k8s"


While I can actually mount the filesystem on the host (using mount -t ceph k8s@.k8s=/ /mnt) trying
to mount the filesystem on the container fails with Permission denied which leads me to think that
it's trying to mount the other FS that exists on the cluster.

Is there any way I can specify the fs on the yaml configuration of the k8s service, or just force
the fs on the keyring?
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx

_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx


_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux