* Authentication question with RBD+STGT
@ 2013-04-22 18:09 Scott Sullivan
2013-04-22 19:02 ` Wido den Hollander
2013-04-22 23:42 ` Dan Mick
0 siblings, 2 replies; 4+ messages in thread
From: Scott Sullivan @ 2013-04-22 18:09 UTC (permalink / raw)
To: ceph-devel
Referring to this: http://ceph.com/dev-notes/adding-support-for-rbd-to-stgt/
I compiled the latest tgt with RBD support. My question is when using
this method to access RBD volumes, where do you tell it what user to
authenticate to the cluster with? I do see the above linked page
mentions it will read a local ceph.conf.
Say I want to use cephx for authentication; how do I tell this:
tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1
--backing-store pool0/test-image --bstype rbd
to authenticate to pool0/test-image as user testuser? My local ceph.conf
(that I run the tgtadm command on) contains:
[global]
log_max_recent = 500
[mon.a]
host = c01-m01
mon addr = XX.XX.XX.XX:6789
[mon.b]
host = c01-m02
mon addr = XX.XX.XX.XX:6789
[mon.c]
host = c01-m03
mon addr = XX.XX.XX.XX:6789
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Authentication question with RBD+STGT
2013-04-22 18:09 Authentication question with RBD+STGT Scott Sullivan
@ 2013-04-22 19:02 ` Wido den Hollander
2013-04-22 23:42 ` Dan Mick
1 sibling, 0 replies; 4+ messages in thread
From: Wido den Hollander @ 2013-04-22 19:02 UTC (permalink / raw)
To: Scott Sullivan; +Cc: ceph-devel
Hi,
On 04/22/2013 08:09 PM, Scott Sullivan wrote:
> Referring to this:
> http://ceph.com/dev-notes/adding-support-for-rbd-to-stgt/
>
> I compiled the latest tgt with RBD support. My question is when using
> this method to access RBD volumes, where do you tell it what user to
> authenticate to the cluster with? I do see the above linked page
> mentions it will read a local ceph.conf.
It seems like you can't. A quick peek at the source code of mainline tgt:
bs_rbd.c
static tgtadm_err bs_rbd_init(struct scsi_lu *lu)
{
..
..
rados_ret = rados_create(&cluster, NULL);
if (rados_ret < 0) {
eprintf("bs_rbd_init: rados_create: %d\n", rados_ret);
return ret;
}
..
..
}
Looking at librados.h:
* @param id the user to connect as (i.e. admin, not client.admin)
* @returns 0 on success, negative error code on failure
*/
int rados_create(rados_t *cluster, const char * const id);
So it seems like tgt doesn't support Cephx at all? Or is the
documentation for librados wrong that it will use "admin" as id when
NULL is given and cephx is enabled?
I'm not sure if you can pass the id in CEPH_ARGS, but you can give it a try:
export CEPH_ARGS="--id myuser"
tgtadm .......
Wido
>
> Say I want to use cephx for authentication; how do I tell this:
>
> tgtadm --lld iscsi --mode logicalunit --op new --tid 1 --lun 1
> --backing-store pool0/test-image --bstype rbd
>
> to authenticate to pool0/test-image as user testuser? My local ceph.conf
> (that I run the tgtadm command on) contains:
>
> [global]
> log_max_recent = 500
>
> [mon.a]
> host = c01-m01
> mon addr = XX.XX.XX.XX:6789
>
> [mon.b]
> host = c01-m02
> mon addr = XX.XX.XX.XX:6789
>
> [mon.c]
> host = c01-m03
> mon addr = XX.XX.XX.XX:6789
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Wido den Hollander
42on B.V.
Phone: +31 (0)20 700 9902
Skype: contact42on
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Authentication question with RBD+STGT
2013-04-22 18:09 Authentication question with RBD+STGT Scott Sullivan
2013-04-22 19:02 ` Wido den Hollander
@ 2013-04-22 23:42 ` Dan Mick
2013-04-23 3:49 ` Sage Weil
1 sibling, 1 reply; 4+ messages in thread
From: Dan Mick @ 2013-04-22 23:42 UTC (permalink / raw)
To: Scott Sullivan; +Cc: ceph-devel
On 04/22/2013 11:09 AM, Scott Sullivan wrote:
> Referring to this:
> http://ceph.com/dev-notes/adding-support-for-rbd-to-stgt/
>
> I compiled the latest tgt with RBD support. My question is when using
> this method to access RBD volumes, where do you tell it what user to
> authenticate to the cluster with? I do see the above linked page
> mentions it will read a local ceph.conf.
Yes, as Wido hints at, it passes NULL to rados_create()'s second arg;
that means it will authenticate as client.admin. This could certainly
be easily fixed.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Authentication question with RBD+STGT
2013-04-22 23:42 ` Dan Mick
@ 2013-04-23 3:49 ` Sage Weil
0 siblings, 0 replies; 4+ messages in thread
From: Sage Weil @ 2013-04-23 3:49 UTC (permalink / raw)
To: Dan Mick; +Cc: Scott Sullivan, ceph-devel
On Mon, 22 Apr 2013, Dan Mick wrote:
> On 04/22/2013 11:09 AM, Scott Sullivan wrote:
> > Referring to this:
> > http://ceph.com/dev-notes/adding-support-for-rbd-to-stgt/
> >
> > I compiled the latest tgt with RBD support. My question is when using
> > this method to access RBD volumes, where do you tell it what user to
> > authenticate to the cluster with? I do see the above linked page
> > mentions it will read a local ceph.conf.
>
> Yes, as Wido hints at, it passes NULL to rados_create()'s second arg; that
> means it will authenticate as client.admin. This could certainly be easily
> fixed.
While we're talking about tgt, I think we should also switch this over to
use the aio librbd calls instead of the sync ones. It's functionally
equivalent, but more efficient and cleaner.
sage
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-04-23 3:49 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-22 18:09 Authentication question with RBD+STGT Scott Sullivan
2013-04-22 19:02 ` Wido den Hollander
2013-04-22 23:42 ` Dan Mick
2013-04-23 3:49 ` Sage Weil
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.