Thank you Josh. Have a great weekend. Dave Spano
----- Original Message ----- From: "Josh Durgin" <josh.dur...@inktank.com> To: "Dave Spano" <dsp...@optogenics.com> Cc: "Greg Farnum" <g...@inktank.com>, "Sébastien Han" <han.sebast...@gmail.com>, "ceph-devel" <ceph-devel@vger.kernel.org>, "Sage Weil" <s...@inktank.com>, "Wido den Hollander" <w...@42on.com>, "Sylvain Munaut" <s.mun...@whatever-company.com>, "Samuel Just" <sam.j...@inktank.com>, "Vladislav Gorbunov" <vadi...@gmail.com> Sent: Friday, March 15, 2013 6:11:17 PM Subject: Re: rados cppool and Openstack Glance and Cinder On 03/15/2013 02:55 PM, Dave Spano wrote: > > During my journey of using rados cppool, which is an awesome feature by the > way, I found an interesting behavior related to cephx. I wanted to share it > for anyone else who may be using Openstack, that decides to rename, or copy a > pool. > > My client.glance entry is currently set to this (with the exception of the > key, of course): > > client.glance > key: punkrawk > caps: [mon] allow r > caps: [osd] allow class-read object_prefix rbd_children, allow rwx > > It was limited to the images pool based on the following example listed at > http://ceph.com/docs/master/rbd/rbd-openstack/ : > > ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read > object_prefix rbd_children, allow rwx pool=images' > > client.glance > key: punkrawk > caps: [mon] allow r > caps: [osd] allow class-read object_prefix rbd_children, allow rwx > pool=images > > > > What I found was that when I would create my pool as images-new or anything > but images, then rename it to images I would have a problem. I could not even > upload an image to an empty pool. > > I could, however; upload to the pool if I renamed the original to images-old, > then created a brand new pool called images. > > My first guess is that there's a reference to the old name which would > interfere whenever my client would try to use it with the client.glance > keyring. I have not looked in the code yet, so I don't have any other > concrete idea. Yeah, someone ran into this before, but apparently I hadn't finished creating the bug, so now there's http://tracker.ceph.com/issues/4471. Each pg includes its pool name in memory, and that isn't updated when the pool is renamed. Restarting the osd would refresh it, and creating a new pool creates entirely new pgs. > As soon as I lifted the pool restriction, as if by the power greyskull, I > could upload, delete and take snapshots in the renamed pool. > > I believe this would be rather easy for anyone to reproduce with a test > install of Openstack. No openstack needed, just any ceph client with a restriction based on pool name. > Just create pool named images-new. Rename it to images, then try to upload an > image. It should fail. Remove the pool restriction, and it will work. Thanks for the detailed report! Josh -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
