← Back to branch summary

~hopem/charms/precise/ceph/lp1228316

« back to all changes in this revision

Viewing changes to hooks/ceph.py

  • Committer: James Page
  • Date: 2012-10-09 15:11:19 UTC
  • Revision ID: james.page@canonical.com-20121009151119-dkjc8po1iq1utpgb
Added client hooks with basic permissions for cephx

Show diffs side-by-side

added added

removed removed

Lines of Context:
hooks/ceph.py
98
98
 
99
99
 
100
100
def get_osd_bootstrap_key():
101
 
    cmd = [
102
 
        'ceph',
103
 
        '--name', 'mon.',
104
 
        '--keyring',
105
 
        '/var/lib/ceph/mon/ceph-{}/keyring'.format(
106
 
                                        utils.get_unit_hostname()
107
 
                                        ),
108
 
        'auth', 'get-or-create', 'client.bootstrap-osd',
109
 
        ]
110
 
    # Add capabilities
111
 
    for subsystem, subcaps in _osd_bootstrap_caps.iteritems():
112
 
        cmd.extend([
113
 
            subsystem,
114
 
            '; '.join(subcaps),
115
 
            ])
116
 
    output = subprocess.check_output(cmd).strip()  # IGNORE:E1103
117
 
    # get-or-create appears to have different output depending
118
 
    # on whether its 'get' or 'create'
119
 
    # 'create' just returns the key, 'get' is more verbose and
120
 
    # needs parsing
121
 
    key = None
122
 
    if len(output.splitlines()) == 1:
123
 
        key = output
124
 
    else:
125
 
        for element in output.splitlines():
126
 
            if 'key' in element:
127
 
                key = element.split(' = ')[1].strip()  # IGNORE:E1103
128
 
    return key
 
101
    return get_named_key('bootstrap-osd', _osd_bootstrap_caps)
129
102
 
130
103
 
131
104
_radosgw_keyring = "/etc/ceph/keyring.rados.gateway"
150
123
 
151
124
 
152
125
def get_radosgw_key():
 
126
    return get_named_key('radosgw.gateway', _radosgw_caps)
 
127
 
 
128
 
 
129
_default_caps = {
 
130
    'mon': ['allow r'],
 
131
    'osd': ['allow rwx']
 
132
    }
 
133
 
 
134
 
 
135
def get_named_key(name, caps=None):
 
136
    caps = caps or _default_caps
153
137
    cmd = [
154
138
        'ceph',
155
139
        '--name', 'mon.',
157
141
        '/var/lib/ceph/mon/ceph-{}/keyring'.format(
158
142
                                        utils.get_unit_hostname()
159
143
                                        ),
160
 
        'auth', 'get-or-create', 'client.radosgw.gateway',
 
144
        'auth', 'get-or-create', 'client.{}'.format(name),
161
145
        ]
162
146
    # Add capabilities
163
 
    for subsystem, subcaps in _radosgw_caps.iteritems():
 
147
    for subsystem, subcaps in caps.iteritems():
164
148
        cmd.extend([
165
149
            subsystem,
166
150
            '; '.join(subcaps),