This allows us to manually pass the used RBD keyring or CephFS secret.
Useful mostly when adding external Ceph clusters where we have no other
means to fetch them.
I renamed the previous $secret to $cephfs_secret to be able to use
$secret as parameter.
Signed-off-by: Aaron Lauterer <a.laute...@proxmox.com>
---
PVE/CephConfig.pm | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/PVE/CephConfig.pm b/PVE/CephConfig.pm
index 83d72fc..5c94a04 100644
--- a/PVE/CephConfig.pm
+++ b/PVE/CephConfig.pm
@@ -212,7 +212,7 @@ sub ceph_connect_option {
}
sub ceph_create_keyfile {
- my ($type, $storeid) = @_;
+ my ($type, $storeid, $secret) = @_;
my $extension = 'keyring';
$extension = 'secret' if ($type eq 'cephfs');
@@ -221,17 +221,20 @@ sub ceph_create_keyfile {
my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
die "ceph authx keyring file for storage '$storeid' already exists!\n"
- if -e $ceph_storage_keyring;
+ if -e $ceph_storage_keyring && !defined($secret);
- if (-e $ceph_admin_keyring) {
+ if (-e $ceph_admin_keyring || defined($secret)) {
eval {
- if ($type eq 'rbd') {
+ if (defined($secret)) {
+ mkdir '/etc/pve/priv/ceph';
+ PVE::Tools::file_set_contents($ceph_storage_keyring, $secret,
0400);
+ } elsif ($type eq 'rbd') {
mkdir '/etc/pve/priv/ceph';
PVE::Tools::file_copy($ceph_admin_keyring,
$ceph_storage_keyring);
} elsif ($type eq 'cephfs') {
- my $secret = $ceph_get_key->($ceph_admin_keyring, 'admin');
+ my $cephfs_secret = $ceph_get_key->($ceph_admin_keyring,
'admin');
mkdir '/etc/pve/priv/ceph';
- PVE::Tools::file_set_contents($ceph_storage_keyring, $secret,
0400);
+ PVE::Tools::file_set_contents($ceph_storage_keyring,
$cephfs_secret, 0400);
}
};
if (my $err = $@) {
--
2.30.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
