Re: [one-users] opennebula and ceph authentication

[Campbell, Bill]

>From what I understand you want to be sure to have authentication enabled
when you first configure the cluster.  I *believe* you can turn it on
afterwards, but I had trouble doing so (to be honest I haven't attempted
this on the Bobtail and up release of Ceph, as we use Cephx authentication
by default anyway).

 

What you want to be sure if cephx authentication is on is to copy the
contents of /etc/ceph (particularly the ceph.conf and the ceph.keyring)
from the ceph cluster to the hypervisor node, and be sure that it is
readable by the oneadmin user or group.  What we do is copy the file over
to the hypervisor, change ownership to root.oneadmin, and change
permissions to 640.  Try that and see if it helps get the VM to boot.

 

From: users-boun...@lists.opennebula.org
[mailto:users-boun...@lists.opennebula.org] On Behalf Of George
Kissandrakis
Sent: Monday, June 03, 2013 5:23 AM
To: users@lists.opennebula.org
Subject: [one-users] opennebula and ceph authentication

 

Hi

 

I have setup opennebula and ceph 

Everything works fine if ceph authentication is off (Case 1)

When i enable ceph authentication (Case 2) the VM does not boot

 

Case 1

ceph.conf 

  auth cluster required = none

  auth service required = none

  auth client required = none

 

oneadmin@cephkvm01-int:~$ kvm -drive
file=rbd:one/one-3:auth_supported=none,if=none,id=drive-ide0-0-0,format=ra
w,cache=none

 

the VM starts normally

 

Case 2

ceph.conf 

  auth cluster required = cephx

  auth service required = cephx

  auth client required = cephx

 

Case 2.1 if i run 

kvm -drive
file=rbd:one/one-3:auth_supported=none,if=none,id=drive-ide0-0-0,format=ra
w,cache=none

 

i get

 

kvm: -drive
file=rbd:one/one-3:auth_supported=none,if=none,id=drive-ide0-0-0,format=ra
w,cache=none: could not open disk image rbd:one/one-3:auth_supported=none:
Operation not supported

 

Case 2.2

if i run 

kvm -drive
file=rbd:one/one-3:auth_supported=cephx,if=none,id=drive-ide0-0-0,format=r
aw,cache=none

 

the VM starts normally

 

 

Case 2.1 is what sunstone configures auth_supported=none

How can i add custom auth_supported=cephx from sunstone?

 

Thank you

George Kissandrakis


NOTICE: Protect the information in this message in accordance with the 
company's security policies. If you received this message in error, immediately 
notify the sender and destroy all copies.
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org