On Wed, Oct 1, 2014 at 2:56 PM, Ramakrishnan Periyasamy
<[email protected]> wrote:
> Hi,
>
>
>
> I have a doubt in mapping rbd using client keyring file. Created keyring as
> below
>
>
>
> sudo ceph-authtool -C -n client.foo --gen-key /etc/ceph/keyring
>
> sudo chmod +r /etc/ceph/keyring
>
> sudo ceph-authtool -n client.foo --cap mds 'allow' --cap osd 'allow rw
> pool=pool1' --cap mon 'allow r' /etc/ceph/keyring
>
> sudo ceph-authtool -l /etc/ceph/keyring
>
> sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.foo -i
> /etc/ceph/keyring
>
>
>
> root@client1:~$ sudo cat /etc/ceph/keyring
>
> [client.foo]
>
> key = AQDkeSlUWGa6ExAAf2T/S6kJdQtRJqNoovinWw==
>
> caps mds = "allow"
>
> caps mon = "allow r"
>
> caps osd = "allow r pool=pool1"
>
>
>
> I tried mapping rbd and got following error message
>
>
>
> root@client1:~$ sudo rbd map img1 -p pool1 -n client.foo -k
> /etc/ceph/keyring
>
> 2014-10-01 21:37:43.404051 7f3858d4a840 2 auth: KeyRing::load: loaded key
> file /etc/ceph/keyring
>
> rbd: sysfs write failed
>
> rbd: map failed: (34) Numerical result out of range
This is a busted error code, read -EPERM.. Fixed in testing.
>
>
>
> How to map an rbd after setting read-only permission for particular pool ?
You can't do that, however you can establish a read-only mapping with
'rbd map --read-only'. The reason is 'rbd map' (even with --read-only
switch) issues a write osd op to setup watch/notify stuff. Moreover,
you need the 'x' bit as well: rbd client needs to be able to execute cls
methods to function.
Thanks,
Ilya
_______________________________________________
ceph-users mailing list
[email protected]
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
