[Bug 1904015] Re: Manila overwrite existing Ceph users
James Page
1904015 at bugs.launchpad.net
Fri Mar 18 15:01:38 UTC 2022
** Changed in: ceph (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1904015
Title:
Manila overwrite existing Ceph users
Status in OpenStack Shared File Systems Service (Manila):
Fix Released
Status in ceph package in Ubuntu:
Invalid
Bug description:
Description
=============
I'm currently testing manila with CephFS and I stumbled upon a behavior
where manila is able to overwrite existing Ceph users.
In my testing setup Glance, Nova, Cinder and Manila share the same Ceph
cluster. However they have different users.
When a share is created and an "allow-access" is made on that share for a service user (cinder/nova/glance) it will overwrite the existing user, removing access on the pools in order to set permissions for the share.
Steps to reproduce
==================
* Having a running OpenStack with Cinder/Glance/Nova/Manila all configured with one Ceph cluster using different pools.
* Create a share and allow access to it with one of the users used for OpenStack services (Cinder/Nova/Glance..)
manila create --share-type cephfstype --name Share1 cephfs 25
manila access-allow Share1 cephx cindertest
Expected result
===============
A better option would be to prevent the creation by Manila of users
used by others OpenStack services.
Actual result
=============
It works but this user is used by Ceph and OpenStack to provide access
on pools for running services. Changing it to access only one share
will result in breaking all resources that was using it.
Environment
===========
I'm currently running OpenStack Rocky, with Ceph Nautilus.
Logs & Configs
==============
Just an example of how the user change in the Ceph cluster config : http://paste.openstack.org/show/799959/
Jahson
To manage notifications about this bug go to:
https://bugs.launchpad.net/manila/+bug/1904015/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list