Tried that:
[client.1]
key = *******************************
caps mds = "allow rw path=/"
caps mon = "allow r"
caps osd = "allow rw tag cephfs pool=meta_data, allow rw pool=data"
No change.
________________________________
From: Yan, Zheng <uker...@gmail.com>
Sent: Sunday, March 22, 2020 9:28 PM
To: Dungan, Scott A. <sdun...@caltech.edu>
Cc: Eugen Block <ebl...@nde.ag>; ceph-users@ceph.io <ceph-users@ceph.io>
Subject: Re: [ceph-users] Re: Cephfs mount error 1 = Operation not permitted
On Sun, Mar 22, 2020 at 8:21 AM Dungan, Scott A. <sdun...@caltech.edu> wrote:
>
> Zitat, thanks for the tips.
>
> I tried appending the key directly in the mount command
> (secret=<CLIENT.1.SECRET>) and that produced the same error.
>
> I took a look at the thread you suggested and I ran the commands that Paul at
> Croit suggested even though I the ceph dashboard showed "cephs" as already
> set as the application on both my data and metadata pools:
>
> [root@ceph-n4 ~]# ceph osd pool application set data cephfs data cephfs
> set application 'cephfs' key 'data' to 'cephfs' on pool 'data'
> [root@ceph-n4 ~]# ceph osd pool application set meta_data cephfs metadata
> cephfs
> set application 'cephfs' key 'metadata' to 'cephfs' on pool 'meta_data'
>
> No change. I get the "mount error 1 = Operation not permitted" error the same
> as before.
>
> I also tried manually editing the caps osd pool tags for my client.1, to
> allow rw to both the data pool as well as the metadata pool, as suggested
> further in the thread:
>
> [client.1]
> key = ***********************************
> caps mds = "allow rw path=all"
try replacing this with "allow rw path=/"
> caps mon = "allow r"
> caps osd = "allow rw tag cephfs pool=meta_data, allow rw pool=data"
>
> No change.
>
> ________________________________
> From: Eugen Block <ebl...@nde.ag>
> Sent: Saturday, March 21, 2020 1:16 PM
> To: ceph-users@ceph.io <ceph-users@ceph.io>
> Subject: [ceph-users] Re: Cephfs mount error 1 = Operation not permitted
>
> I just remembered there was a thread [1] about that a couple of weeks
> ago. Seems like you need to add the capabilities to the client.
>
> [1]
> https://lists.ceph.io/hyperkitty/list/ceph-users@ceph.io/thread/23FDDSYBCDVMYGCUTALACPFAJYITLOHJ/#I6LJR72AJGOCGINVOVEVSCKRIWV5TTZ2
>
>
> Zitat von Eugen Block <ebl...@nde.ag>:
>
> > Hi,
> >
> > have you tried to mount with the secret only instead of a secret file?
> >
> > mount -t ceph ceph-n4:6789:/ /ceph -o name=client.1,secret=<SECRET>
> >
> > If that works your secret file is not right. If not you should check
> > if the client actually has access to the cephfs pools ('ceph auth
> > list').
> >
> >
> >
> > Zitat von "Dungan, Scott A." <sdun...@caltech.edu>:
> >
> >> I am still very new to ceph and I have just set up my first small
> >> test cluster. I have Cephfs enabled (named cephfs) and everything
> >> is good in the dashboard. I added an authorized user key for cephfs
> >> with:
> >>
> >> ceph fs authorize cephfs client.1 / r / rw
> >>
> >> I then copied the key to a file with:
> >>
> >> ceph auth get-key client.1 > /tmp/client.1.secret
> >>
> >> Copied the file over to the client and then attempt mount witth the
> >> kernel driver:
> >>
> >> mount -t ceph ceph-n4:6789:/ /ceph -o
> >> name=client.1,secretfile=/root/client.1.secret
> >> mount error 1 = Operation not permitted
> >>
> >> I looked in the logs on the mds (which is also the mgr and mon for
> >> the cluster) and I don't see any events logged for this. I also
> >> tried the mount command with verbose and I didn't get any further
> >> detail. Any tips would be most appreciated.
> >>
> >> --
> >>
> >> Scott Dungan
> >> California Institute of Technology
> >> Office: (626) 395-3170
> >> sdun...@caltech.edu<mailto:sdun...@caltech.edu>
> >>
> >> _______________________________________________
> >> ceph-users mailing list -- ceph-users@ceph.io
> >> To unsubscribe send an email to ceph-users-le...@ceph.io
>
>
> _______________________________________________
> ceph-users mailing list -- ceph-users@ceph.io
> To unsubscribe send an email to ceph-users-le...@ceph.io
> _______________________________________________
> ceph-users mailing list -- ceph-users@ceph.io
> To unsubscribe send an email to ceph-users-le...@ceph.io
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
