Hello, looks like I've found it -- THE NAMESPACES :) I love it. Thanks! On 11/02/2023 21:37, hicks@xxxxxx wrote:
Hello guys, could someone help me with this? We've been long-time CEPH users... runing several Mimic + Pacific CEPH clusters. Dozens of disk per cluster, typically. BUT... now I have this brand new Quincy cluster and I'm not able to give CLIENT (Quincy on Rocky 8) rw access to ONE IMAGE on Quincy cluster (cephadm / Rocky 9). I'm using something what worked for us for ages: rbd auth ls: client.xxx key: ... caps: [mon] profile rbd caps: [osd] allow rwx pool prod object_prefix rbd_data.600d1c6723ae; allow rwx pool prod object_prefix rbd_header.600d1c6723ae; allow rx pool prod object_prefix rbd_id.xxx-data rbd info: rbd image 'xxx-data': size 2 TiB in 524288 objects order 22 (4 MiB objects) snapshot_count: 2 id: 600d1c6723ae block_name_prefix: rbd_data.600d1c6723ae format: 2 features: layering, exclusive-lock, object-map, fast-diff, deep-flatten op_features: flags: rados ls: rbd_data.600d1c6723ae.000000000003958d rbd_header.600d1c6723ae rbd_id.xxx-data BUT... it DOES NOT WORK. When I try it to map on client it says: 2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::GetMetadataRequest: 0x7f3a1c001f40 handle_metadata_list: failed to retrieve image metadata: (1) Operation not permitted 2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::RefreshRequest: failed to retrieve pool metadata: (1) Operation not permitted 2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::OpenRequest: failed to refresh image: (1) Operation not permitted 2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::ImageState: 0x555eff78cfc0 failed to open image: (1) Operation not permitted rbd: error opening image xxx-data: (1) Operation not permitted The mapping and access DOES work when I put "osd allow *" into ceph auth. What is the recommended syntax for Quincy? btw: this use case should be mentioned in the manual I think... Thanks! _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
_______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx