Re: Quincy: Stuck on image permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

looks like I've found it -- THE NAMESPACES :)

I love it. Thanks!


On 11/02/2023 21:37, hicks@xxxxxx wrote:
Hello guys,

could someone help me with this? We've been long-time CEPH users... runing several Mimic + Pacific CEPH clusters. Dozens of disk per cluster, typically.

BUT... now I have this brand new Quincy cluster and I'm not able to give CLIENT (Quincy on Rocky 8) rw access to ONE IMAGE on Quincy cluster (cephadm / Rocky 9).

I'm using something what worked for us for ages:

rbd auth ls:
client.xxx
         key: ...
         caps: [mon] profile rbd
         caps: [osd] allow rwx pool prod object_prefix rbd_data.600d1c6723ae; allow rwx pool prod object_prefix rbd_header.600d1c6723ae; allow rx pool prod object_prefix rbd_id.xxx-data

rbd info:
rbd image 'xxx-data':
         size 2 TiB in 524288 objects
         order 22 (4 MiB objects)
         snapshot_count: 2
         id: 600d1c6723ae
         block_name_prefix: rbd_data.600d1c6723ae
         format: 2
         features: layering, exclusive-lock, object-map, fast-diff, deep-flatten
         op_features:
         flags:

rados ls:
rbd_data.600d1c6723ae.000000000003958d
rbd_header.600d1c6723ae
rbd_id.xxx-data

BUT... it DOES NOT WORK. When I try it to map on client it says:

2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::GetMetadataRequest: 0x7f3a1c001f40 handle_metadata_list: failed to retrieve image metadata: (1) Operation not permitted
2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::RefreshRequest: failed to retrieve pool metadata: (1) Operation not permitted
2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::image::OpenRequest: failed to refresh image: (1) Operation not permitted
2023-02-11T20:49:18.665+0100 7f3a337fe700 -1 librbd::ImageState: 0x555eff78cfc0 failed to open image: (1) Operation not permitted
rbd: error opening image xxx-data: (1) Operation not permitted

The mapping and access DOES work when I put "osd allow *" into ceph auth.

What is the recommended syntax for Quincy?

btw: this use case should be mentioned in the manual I think...

Thanks!
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux