Hi!

We are on version 9.2.0, 5 mons and 80 OSDs distributed on 10 hosts.

How could we twist cephx capabilities so as to forbid our KVM+QEMU+libvirt hosts any RBD creation capability?

We currently have an rbd-user key like so:

        caps: [mon] allow r
        caps: [osd] allow x object_prefix rbd_children, allow rwx object_prefix rbd_header., allow rwx object_prefix rbd_id., allow rw object_prefix rbd_data.


And another rbd-manager key like the one suggested in the documentation, which is used in a central machine which is the only one allowed to create RBD images:

        caps: [mon] allow r
        caps: [osd] allow class-read object_prefix rbd_children, allow rwx pool=rbd

Now, the libvirt hosts all share the same "rbd-user" secret.
Our intention is to permit the QEMU processes to take full advantage of any single RBD functionality, but to forbid any new RBD creation with this same key, in the eventuality of a stolen key or other hellish scenarios.

What cephx capabilities did you guys configure for your virtualization hosts?

Thanks,

Loris
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
