From: Scott Sullivan <ssullivan@liquidweb.com>
To: Dan Mick <dan.mick@inktank.com>,
FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Cc: stgt@vger.kernel.org
Subject: Re: Patch for adding virsecretuuid & cephx_key ids to --bsopts
Date: Mon, 21 Jul 2014 15:34:46 -0400 [thread overview]
Message-ID: <53CD6B56.3030605@liquidweb.com> (raw)
In-Reply-To: <53A12851.1060107@inktank.com>
On 06/18/2014 01:49 AM, Dan Mick wrote:
> I've seen this; I'm traveling/busy this week so will try to give it
> some thought, but no promises
ping ?
>
>
> On 06/17/2014 08:30 AM, FUJITA Tomonori wrote:
>> Added Dan to To:
>>
>> On Tue, 17 Jun 2014 08:49:14 -0400
>> Scott Sullivan <ssullivan@liquidweb.com> wrote:
>>
>>> Hello,
>>>
>>> Below is a patch that adds two new params to --bsopts for RBD backing
>>> stores (virsecretuuid & cephx_key). This was very useful for me, since
>>> it is nice to be able to give the required authentication detail in
>>> the same place as the id. I have tested and both options work, as well
>>> as the error condition if both options are given (made them conflict).
>>>
>>> I have verified the patch passes scripts/checkpatch.pl style
>>> guidelines. Is there any interest in applying this patch? Im using
>>> this internally with success; for us at least this is a desirable
>>> thing to have.
>>>
>>>
>>> From 5359b581c5e7bf434979becaefc53a711ef88432 Mon Sep 17 00:00:00 2001
>>> From: Scott Sullivan <ssullivan@liquidweb.com>
>>> Date: Tue, 17 Jun 2014 08:16:09 -0400
>>> Subject: [PATCH] bsopts: Add virsecretuuid && cephx_key
>>>
>>> Allow passing either a libvirt secret UUID, or a cephx_key to
>>> --bsopts. Options are
>>> conflicting, so error if both options given. This allows one to do
>>> this:
>>>
>>> --bsopts="conf=/etc/ceph/ceph.conf;id=cephx_user;virsecretuuid=$MY_LIBVIRT_SECRET_UUID"
>>>
>>> -OR-
>>> --bsopts="conf=/etc/ceph/ceph.conf;id=cephx_user;cephx_key=$MY_KEY"
>>>
>>> Signed-off-by: Scott Sullivan <ssullivan@liquidweb.com>
>>> ---
>>> usr/bs_rbd.c | 64
>>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>> 1 file changed, 64 insertions(+)
>>>
>>> diff --git a/usr/bs_rbd.c b/usr/bs_rbd.c
>>> index 3a052ed..86857b9 100644
>>> --- a/usr/bs_rbd.c
>>> +++ b/usr/bs_rbd.c
>>> @@ -517,6 +517,9 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>>> char *bsopts)
>>> struct active_rbd *rbd = RBDP(lu);
>>> char *confname = NULL;
>>> char *clientid = NULL;
>>> + char *virsecretuuid = NULL;
>>> + char *given_cephx_key = NULL;
>>> + char disc_cephx_key[256];
>>> char *clustername = NULL;
>>> char clientid_full[128];
>>> char *ignore = NULL;
>>> @@ -532,6 +535,10 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>>> char *bsopts)
>>> clientid = slurp_value(&bsopts);
>>> else if (is_opt("cluster", bsopts))
>>> clustername = slurp_value(&bsopts);
>>> + else if (is_opt("virsecretuuid", bsopts))
>>> + virsecretuuid = slurp_value(&bsopts);
>>> + else if (is_opt("cephx_key", bsopts))
>>> + given_cephx_key = slurp_value(&bsopts);
>>> else {
>>> ignore = slurp_to_semi(&bsopts);
>>> eprintf("bs_rbd: ignoring unknown option \"%s\"\n",
>>> @@ -547,6 +554,41 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>>> char *bsopts)
>>> eprintf("bs_rbd_init: confname %s\n", confname);
>>> if (clustername)
>>> eprintf("bs_rbd_init: clustername %s\n", clustername);
>>> + if (virsecretuuid)
>>> + eprintf("bs_rbd_init: virsecretuuid %s\n", virsecretuuid);
>>> + if (given_cephx_key)
>>> + eprintf("bs_rbd_init: given_cephx_key %s\n", given_cephx_key);
>>> +
>>> + /* virsecretuuid && given_cephx_key are conflicting options. */
>>> + if (virsecretuuid && given_cephx_key) {
>>> + eprintf("Conflicting options virsecretuuid=[%s] cephx_key=[%s]",
>>> + virsecretuuid, given_cephx_key);
>>> + goto fail;
>>> + }
>>> +
>>> + /* Get stored key from secret uuid. */
>>> + if (virsecretuuid) {
>>> + char libvir_uuid_file_path_buf[256] = "/etc/libvirt/secrets/";
>>> + strcat(libvir_uuid_file_path_buf, virsecretuuid);
>>> + strcat(libvir_uuid_file_path_buf, ".base64");
>>> +
>>> + FILE *fp;
>>> + fp = fopen(libvir_uuid_file_path_buf , "r");
>>> + if (fp == NULL) {
>>> + eprintf("bs_rbd_init: Unable to read %s\n",
>>> + libvir_uuid_file_path_buf);
>>> + goto fail;
>>> + }
>>> + if (fgets(disc_cephx_key, 256, fp) == NULL) {
>>> + eprintf("bs_rbd_init: Unable to read %s\n",
>>> + libvir_uuid_file_path_buf);
>>> + goto fail;
>>> + }
>>> + fclose(fp);
>>> + strtok(disc_cephx_key, "\n");
>>> +
>>> + eprintf("bs_rbd_init: disc_cephx_key %s\n", disc_cephx_key);
>>> + }
>>>
>>> eprintf("bs_rbd_init bsopts=%s\n", bsopts);
>>> /*
>>> @@ -570,6 +612,7 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>>> char *bsopts)
>>> eprintf("bs_rbd_init: rados_create: %d\n", rados_ret);
>>> return ret;
>>> }
>>> +
>>> /*
>>> * Read config from environment, then conf file(s) which may
>>> * be set by conf=
>>> @@ -584,6 +627,23 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>>> char *bsopts)
>>> eprintf("bs_rbd_init: rados_conf_read_file: %d\n",
>>> rados_ret);
>>> goto fail;
>>> }
>>> +
>>> + /* Set given key */
>>> + if (virsecretuuid) {
>>> + if (rados_conf_set(rbd->cluster, "key", disc_cephx_key) < 0) {
>>> + eprintf("bs_rbd_init: failed to set cephx_key: %s\n",
>>> + disc_cephx_key);
>>> + goto fail;
>>> + }
>>> + }
>>> + if (given_cephx_key) {
>>> + if (rados_conf_set(rbd->cluster, "key", given_cephx_key) < 0) {
>>> + eprintf("bs_rbd_init: failed to set cephx_key: %s\n",
>>> + given_cephx_key);
>>> + goto fail;
>>> + }
>>> + }
>>> +
>>> rados_ret = rados_connect(rbd->cluster);
>>> if (rados_ret < 0) {
>>> eprintf("bs_rbd_init: rados_connect: %d\n", rados_ret);
>>> @@ -595,6 +655,10 @@ fail:
>>> free(confname);
>>> if (clientid)
>>> free(clientid);
>>> + if (virsecretuuid)
>>> + free(virsecretuuid);
>>> + if (given_cephx_key)
>>> + free(given_cephx_key);
>>>
>>> return ret;
>>> }
>>> --
>>> 1.7.10.4
>>>
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe stgt" in
>>> the body of a message to majordomo@vger.kernel.org
>>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
next prev parent reply other threads:[~2014-07-21 19:34 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-17 12:49 Patch for adding virsecretuuid & cephx_key ids to --bsopts Scott Sullivan
2014-06-17 15:30 ` FUJITA Tomonori
2014-06-18 5:49 ` Dan Mick
2014-07-21 19:34 ` Scott Sullivan [this message]
2014-07-25 7:31 ` FUJITA Tomonori
2014-07-25 11:25 ` Scott Sullivan
2014-07-25 14:38 ` FUJITA Tomonori
2014-07-25 14:47 ` FUJITA Tomonori
2014-07-25 14:56 ` Scott Sullivan
2014-07-26 6:07 ` Dan Mick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53CD6B56.3030605@liquidweb.com \
--to=ssullivan@liquidweb.com \
--cc=dan.mick@inktank.com \
--cc=fujita.tomonori@lab.ntt.co.jp \
--cc=stgt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.