[pve-devel] [PATCH manager] cleanup: don't copy ceph's admin keyring to /etc/ceph

Alwin Antreich a.antreich at proxmox.com
Wed Jul 10 16:49:09 CEST 2019


As this is done only on the first node that runs pveceph init, it might
be confusing for users to see it only on one node in the cluster. The
client section in the ceph.conf references the key under /etc/pve/priv/,
so all ceph tools will look for it there anyway.

Signed-off-by: Alwin Antreich <a.antreich at proxmox.com>
---
Note: after some more thought and discussion, it seems that the copy of
      the keyring to /etc/ceph is not needed

 PVE/Ceph/Tools.pm | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/PVE/Ceph/Tools.pm b/PVE/Ceph/Tools.pm
index ff00ba15..de99718e 100644
--- a/PVE/Ceph/Tools.pm
+++ b/PVE/Ceph/Tools.pm
@@ -241,11 +241,6 @@ sub get_or_create_admin_keyring {
 	    "--cap osd 'allow *' " .
 	    "--cap mds 'allow *' " .
 	    "--cap mgr 'allow *' ");
-	# we do not want to overwrite it
-	if (! -f $ckeyring_path) {
-	    run_command("cp $pve_ckeyring_path $ckeyring_path");
-	    run_command("chown ceph:ceph $ckeyring_path");
-	}
     }
     return $pve_ckeyring_path;
 }
-- 
2.20.1





More information about the pve-devel mailing list