mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 14:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

cephfs: cephuser: set config and admin explicitly when creating/deleting users

Browse Source
This commit is contained in:
gman 2018-06-12 17:03:45 +02:00
parent cc88d2fa09
commit f45ddd7c9d
1 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
pkg/cephfs/cephuser.go
View File

@ -57,26 +57,16 @@ func getCephUser(userId string) (*cephEntity, error) {
return &ents[0], nil return &ents[0], nil
} }
func (e *cephEntity) create() error { func createCephUser(volOptions *volumeOptions, cr *credentials, volUuid string) (*cephEntity, error) {
return execCommandJson(e, "ceph", "auth", "get-or-create", e.Entity, "mds", e.Caps.Mds, "osd", e.Caps.Osd, "mon", e.Caps.Mon)
}
func createCephUser(volOptions *volumeOptions, volUuid string, readOnly bool) (*cephEntity, error) {
access := "rw"
if readOnly {
access = "r"
}
caps := cephEntityCaps{ caps := cephEntityCaps{
Mds: fmt.Sprintf("allow %s path=%s", access, getVolumeRootPath_ceph(volUuid)), Mds: fmt.Sprintf("allow rw path=%s", getVolumeRootPath_ceph(volUuid)),
Mon: "allow r", Mon: "allow r",
Osd: fmt.Sprintf("allow %s pool=%s namespace=%s", access, volOptions.Pool, getVolumeNamespace(volUuid)), Osd: fmt.Sprintf("allow rw pool=%s namespace=%s", volOptions.Pool, getVolumeNamespace(volUuid)),
} }
var ents []cephEntity var ents []cephEntity
args := [...]string{ args := [...]string{
"auth", "-f", "json", "auth", "-f", "json", "-c", getCephConfPath(volUuid), "-n", cephEntityClientPrefix + cr.id,
"get-or-create", cephEntityClientPrefix + getCephUserName(volUuid), "get-or-create", cephEntityClientPrefix + getCephUserName(volUuid),
"mds", caps.Mds, "mds", caps.Mds,
"mon", caps.Mon, "mon", caps.Mon,
@ -90,15 +80,20 @@ func createCephUser(volOptions *volumeOptions, volUuid string, readOnly bool) (*
return &ents[0], nil return &ents[0], nil
} }
func deleteCephUser(volUuid string) error { func deleteCephUser(cr *credentials, volUuid string) error {
userId := getCephUserName(volUuid) userId := getCephUserName(volUuid)
if err := execCommandAndValidate("ceph", "auth", "rm", cephEntityClientPrefix+userId); err != nil { args := [...]string{
"-c", getCephConfPath(volUuid), "-n", cephEntityClientPrefix + cr.id,
"auth", "rm", cephEntityClientPrefix + userId,
}
if err := execCommandAndValidate("ceph", args[:]...); err != nil {
return err return err
} }
os.Remove(getCephKeyringPath(userId)) os.Remove(getCephKeyringPath(volUuid, userId))
os.Remove(getCephSecretPath(userId)) os.Remove(getCephSecretPath(volUuid, userId))
return nil return nil
} }