Fix racy conditions with Ceph caps updating

The sed commands are replaced with simpler methods of extracting the cephx cap keys. Change-Id: I783c360569bf17b16d128544b5ab11cb1ce9a7ed
2018-12-03 20:36:52 -06:00 · 2018-12-03 20:36:52 -06:00 · 621d3938db
commit 621d3938db
parent 76fb1fb10a
2 changed files with 9 additions and 4 deletions
--- a/gnocchi/templates/bin/_storage-init.sh.tpl
+++ b/gnocchi/templates/bin/_storage-init.sh.tpl
@ -42,8 +42,7 @@ if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
    mon "profile r" \
    osd "profile rwx pool=${RBD_POOL_NAME}" \
    mgr "allow r"
-  KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
-  echo $KEYSTR  > ${KEYRING}
+  ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
 else
  ceph auth get-or-create client.${RBD_POOL_USER} \
    mon "profile r" \
--- a/libvirt/templates/bin/_ceph-keyring.sh.tpl
+++ b/libvirt/templates/bin/_ceph-keyring.sh.tpl
@ -20,6 +20,12 @@ set -ex
 export HOME=/tmp

 KEYRING=/etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring
+{{- if .Values.conf.ceph.cinder.keyring }}
+cat > ${KEYRING} <<EOF
+[client.{{ .Values.conf.ceph.cinder.user }}]
+    key = {{ .Values.conf.ceph.cinder.keyring }}
+EOF
+{{- else }}
 if ! [ "x${CEPH_CINDER_USER}" == "xadmin" ]; then
  #
  # If user is not client.admin, check if it already exists. If not create
@ -32,8 +38,7 @@ if ! [ "x${CEPH_CINDER_USER}" == "xadmin" ]; then
    ceph auth caps client.${CEPH_CINDER_USER} \
       mon "profile rbd" \
       osd "profile rbd"
-    KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
-    echo $KEYSTR > ${KEYRING}
+    ceph auth get client.${CEPH_CINDER_USER} -o ${KEYRING}
  else
    echo "Creating Cephx user client.${CEPH_CINDER_USER}"
    ceph auth get-or-create client.${CEPH_CINDER_USER} \
@ -43,3 +48,4 @@ if ! [ "x${CEPH_CINDER_USER}" == "xadmin" ]; then
  fi
  rm -f /etc/ceph/ceph.client.admin.keyring
 fi
+{{- end }}