On 4/16/21 5:48 PM, Thomas Lamprecht wrote:
On 16.04.21 17:39, Aaron Lauterer wrote:
Thx for the feedback and yep, I forgot to run the linter...
there's to much noise still in it for this repo, so totally understandable.
Anything against doing it via `rbd -p pool namespace ls`? AFAICT there is no
lightweight command to list namespaces via `rados`. Only thing I found was
listing all objects in the pool and fetching used namespaces from that
output: `rados -p rbd ls --format json` but that is an expensive operation.
I mean, this is not a frequent operation, so we could ignore the overhead of
fork + exec. So yes, I would accept that. If we find something more efficient
it could always get replaced by that transparently any way.
One thing though that we should consider: so far adding an external RBD
storage worked even if the auth keyring wasn't present. The storage would
not get activated until the keyring file was present. But one could still do
that after adding the storage config. With this check we would make it a
requirement to first place the keyring file and then add the storage config.
Actually, I requested the feature to be able to add one through the storage
add and update API/web-interface a long time ago from Alwin, was lost in the
cogs of time though...
So; I do not see that as issue but rather as another small feature we could
finally do.
Handling in the backend should be similar to other secrets, e.g., pbs password
or encryption-key, cifs password, etc.
Okay, good to know. So I guess I will send a v2 of this patch and put more back-end checks (pool and namespace can be accessed/seen) on my todo list in combination with the possibility to pass the auth key for external RBD pools directly at creation time.
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
