openstack/openstack-helm
Code Issues Proposed changes

OSD: remove redundant DMCRYPT setup

Browse Source 
This PS removes the redundant dmcrypt setup from the OSD scripts.

Change-Id: I40b0c0a0be8a32340d992dc690a76980a129ca90
This commit is contained in:
portdirect 2018-02-24 20:13:33 -05:00
parent 1cfb0308b9
commit 84db0873d3
2 changed files with 2 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ceph/templates/bin/osd/_init.sh.tpl
View File

@ -206,22 +206,8 @@ function osd_disk_prepare {
if [ "x$JOURNAL_TYPE" == "xdirectory" ]; then if [ "x$JOURNAL_TYPE" == "xdirectory" ]; then
export OSD_JOURNAL="--journal-file" export OSD_JOURNAL="--journal-file"
fi fi
if [[ ${OSD_DMCRYPT} -eq 1 ]]; then
# the admin key must be present on the node
if [[ ! -e $ADMIN_KEYRING ]]; then
echo "ERROR- $ADMIN_KEYRING must exist; get it from your existing mon"
exit 1
fi
# in order to store the encrypted key in the monitor's k/v store
ceph-disk -v prepare ${CLI_OPTS} --journal-uuid ${OSD_JOURNAL_UUID} --lockbox-uuid ${OSD_LOCKBOX_UUID} --dmcrypt ${OSD_DEVICE} ${OSD_JOURNAL}
echo "Unmounting LOCKBOX directory"
# NOTE(leseb): adding || true so when this bug will be fixed the entrypoint will not fail
# Ceph bug tracker: http://tracker.ceph.com/issues/18944
DATA_UUID=$(blkid -o value -s PARTUUID ${OSD_DEVICE}1)
umount /var/lib/ceph/osd-lockbox/${DATA_UUID} || true
else
ceph-disk -v prepare ${CLI_OPTS} --journal-uuid ${OSD_JOURNAL_UUID} ${OSD_DEVICE} ${OSD_JOURNAL} ceph-disk -v prepare ${CLI_OPTS} --journal-uuid ${OSD_JOURNAL_UUID} ${OSD_DEVICE} ${OSD_JOURNAL}
fi
# watch the udev event queue, and exit if all current events are handled # watch the udev event queue, and exit if all current events are handled
udevadm settle --timeout=600 udevadm settle --timeout=600

11
ceph/templates/daemonset-osd.yaml
View File

@ -102,10 +102,6 @@ spec:
mountPath: /etc/ceph/ceph.conf mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf subPath: ceph.conf
readOnly: true readOnly: true
- name: ceph-client-admin-keyring
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: false
- name: ceph-bootstrap-osd-keyring - name: ceph-bootstrap-osd-keyring
mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
subPath: ceph.keyring subPath: ceph.keyring
@ -196,10 +192,6 @@ spec:
mountPath: /etc/ceph/ceph.conf mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf subPath: ceph.conf
readOnly: true readOnly: true
- name: ceph-client-admin-keyring
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: false
- name: ceph-bootstrap-osd-keyring - name: ceph-bootstrap-osd-keyring
mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
subPath: ceph.keyring subPath: ceph.keyring
@ -242,9 +234,6 @@ spec:
configMap: configMap:
name: {{ $configMapName }} name: {{ $configMapName }}
defaultMode: 0444 defaultMode: 0444
- name: ceph-client-admin-keyring
secret:
secretName: {{ .Values.secrets.keyrings.admin }}
- name: ceph-bootstrap-osd-keyring - name: ceph-bootstrap-osd-keyring
secret: secret:
secretName: {{ .Values.secrets.keyrings.osd }} secretName: {{ .Values.secrets.keyrings.osd }}