upgrade: correct permissions for ceph-mon dirs
Ensure that the directory in /var/lib/ceph/mon for the local mon unit is user writable, ensuring that ceph-mon daemons >= Luminous are able to start. Closes-Bug: 1742083 Change-Id: I9cac4bd258b7038738a693329588420696eac703
This commit is contained in:
parent
1ccf7c2b25
commit
ae147d8a18
|
@ -1311,7 +1311,8 @@ def bootstrap_monitor_cluster(secret):
|
||||||
# Ceph >= 0.61.3 needs this for ceph-mon fs creation
|
# Ceph >= 0.61.3 needs this for ceph-mon fs creation
|
||||||
mkdir('/var/run/ceph', owner=ceph_user(),
|
mkdir('/var/run/ceph', owner=ceph_user(),
|
||||||
group=ceph_user(), perms=0o755)
|
group=ceph_user(), perms=0o755)
|
||||||
mkdir(path, owner=ceph_user(), group=ceph_user())
|
mkdir(path, owner=ceph_user(), group=ceph_user(),
|
||||||
|
perms=0o755)
|
||||||
# end changes for Ceph >= 0.61.3
|
# end changes for Ceph >= 0.61.3
|
||||||
try:
|
try:
|
||||||
add_keyring_to_ceph(keyring,
|
add_keyring_to_ceph(keyring,
|
||||||
|
@ -1705,17 +1706,24 @@ def upgrade_monitor(new_version):
|
||||||
service_stop('ceph-mon-all')
|
service_stop('ceph-mon-all')
|
||||||
apt_install(packages=determine_packages(), fatal=True)
|
apt_install(packages=determine_packages(), fatal=True)
|
||||||
|
|
||||||
|
owner = ceph_user()
|
||||||
|
|
||||||
# Ensure the files and directories under /var/lib/ceph is chowned
|
# Ensure the files and directories under /var/lib/ceph is chowned
|
||||||
# properly as part of the move to the Jewel release, which moved the
|
# properly as part of the move to the Jewel release, which moved the
|
||||||
# ceph daemons to running as ceph:ceph instead of root:root.
|
# ceph daemons to running as ceph:ceph instead of root:root.
|
||||||
if new_version == 'jewel':
|
if new_version == 'jewel':
|
||||||
# Ensure the ownership of Ceph's directories is correct
|
# Ensure the ownership of Ceph's directories is correct
|
||||||
owner = ceph_user()
|
|
||||||
chownr(path=os.path.join(os.sep, "var", "lib", "ceph"),
|
chownr(path=os.path.join(os.sep, "var", "lib", "ceph"),
|
||||||
owner=owner,
|
owner=owner,
|
||||||
group=owner,
|
group=owner,
|
||||||
follow_links=True)
|
follow_links=True)
|
||||||
|
|
||||||
|
# Ensure that mon directory is user writable
|
||||||
|
hostname = socket.gethostname()
|
||||||
|
path = '/var/lib/ceph/mon/ceph-{}'.format(hostname)
|
||||||
|
mkdir(path, owner=ceph_user(), group=ceph_user(),
|
||||||
|
perms=0o755)
|
||||||
|
|
||||||
if systemd():
|
if systemd():
|
||||||
for mon_id in get_local_mon_ids():
|
for mon_id in get_local_mon_ids():
|
||||||
service_start('ceph-mon@{}'.format(mon_id))
|
service_start('ceph-mon@{}'.format(mon_id))
|
||||||
|
|
|
@ -73,6 +73,9 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
||||||
'mon_ip-192-168-1-2_hammer_done 1473279502.69'),
|
'mon_ip-192-168-1-2_hammer_done 1473279502.69'),
|
||||||
])
|
])
|
||||||
|
|
||||||
|
@patch.object(ceph.utils, 'ceph_user')
|
||||||
|
@patch.object(ceph.utils, 'socket')
|
||||||
|
@patch.object(ceph.utils, 'mkdir')
|
||||||
@patch.object(ceph.utils, 'apt_install')
|
@patch.object(ceph.utils, 'apt_install')
|
||||||
@patch.object(ceph.utils, 'chownr')
|
@patch.object(ceph.utils, 'chownr')
|
||||||
@patch.object(ceph.utils, 'service_stop')
|
@patch.object(ceph.utils, 'service_stop')
|
||||||
|
@ -89,10 +92,13 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
||||||
systemd, local_mons, add_source,
|
systemd, local_mons, add_source,
|
||||||
apt_update, status_set, log,
|
apt_update, status_set, log,
|
||||||
service_start, service_stop, chownr,
|
service_start, service_stop, chownr,
|
||||||
apt_install):
|
apt_install, mkdir, socket,
|
||||||
|
ceph_user):
|
||||||
get_version.side_effect = [0.80, 0.94]
|
get_version.side_effect = [0.80, 0.94]
|
||||||
config.side_effect = config_side_effect
|
config.side_effect = config_side_effect
|
||||||
systemd.return_value = False
|
systemd.return_value = False
|
||||||
|
socket.gethostname.return_value = 'testmon'
|
||||||
|
ceph_user.return_value = 'root'
|
||||||
local_mons.return_value = ['a']
|
local_mons.return_value = ['a']
|
||||||
|
|
||||||
ceph.utils.upgrade_monitor('hammer')
|
ceph.utils.upgrade_monitor('hammer')
|
||||||
|
@ -110,7 +116,14 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
||||||
call('maintenance', 'Upgrading monitor'),
|
call('maintenance', 'Upgrading monitor'),
|
||||||
])
|
])
|
||||||
assert not chownr.called
|
assert not chownr.called
|
||||||
|
mkdir.assert_called_with('/var/lib/ceph/mon/ceph-testmon',
|
||||||
|
owner='root',
|
||||||
|
group='root',
|
||||||
|
perms=0o755)
|
||||||
|
|
||||||
|
@patch.object(ceph.utils, 'ceph_user')
|
||||||
|
@patch.object(ceph.utils, 'socket')
|
||||||
|
@patch.object(ceph.utils, 'mkdir')
|
||||||
@patch.object(ceph.utils, 'apt_install')
|
@patch.object(ceph.utils, 'apt_install')
|
||||||
@patch.object(ceph.utils, 'chownr')
|
@patch.object(ceph.utils, 'chownr')
|
||||||
@patch.object(ceph.utils, 'service_stop')
|
@patch.object(ceph.utils, 'service_stop')
|
||||||
|
@ -127,10 +140,13 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
||||||
systemd, local_mons, add_source,
|
systemd, local_mons, add_source,
|
||||||
apt_update, status_set, log,
|
apt_update, status_set, log,
|
||||||
service_start, service_stop, chownr,
|
service_start, service_stop, chownr,
|
||||||
apt_install):
|
apt_install, mkdir, socket,
|
||||||
|
ceph_user):
|
||||||
get_version.side_effect = [0.94, 10.1]
|
get_version.side_effect = [0.94, 10.1]
|
||||||
config.side_effect = config_side_effect
|
config.side_effect = config_side_effect
|
||||||
systemd.return_value = False
|
systemd.return_value = False
|
||||||
|
socket.gethostname.return_value = 'testmon'
|
||||||
|
ceph_user.return_value = 'ceph'
|
||||||
local_mons.return_value = ['a']
|
local_mons.return_value = ['a']
|
||||||
|
|
||||||
ceph.utils.upgrade_monitor('jewel')
|
ceph.utils.upgrade_monitor('jewel')
|
||||||
|
@ -153,6 +169,10 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
||||||
follow_links=True)
|
follow_links=True)
|
||||||
]
|
]
|
||||||
)
|
)
|
||||||
|
mkdir.assert_called_with('/var/lib/ceph/mon/ceph-testmon',
|
||||||
|
owner='ceph',
|
||||||
|
group='ceph',
|
||||||
|
perms=0o755)
|
||||||
|
|
||||||
@patch.object(ceph.utils, 'get_version')
|
@patch.object(ceph.utils, 'get_version')
|
||||||
@patch.object(ceph.utils, 'status_set')
|
@patch.object(ceph.utils, 'status_set')
|
||||||
|
|
|
@ -423,7 +423,8 @@ class CephTestCase(unittest.TestCase):
|
||||||
mock_mkdir.assert_has_calls([
|
mock_mkdir.assert_has_calls([
|
||||||
call('/var/run/ceph', owner='ceph',
|
call('/var/run/ceph', owner='ceph',
|
||||||
group='ceph', perms=0o755),
|
group='ceph', perms=0o755),
|
||||||
call(test_path, owner='ceph', group='ceph'),
|
call(test_path, owner='ceph', group='ceph',
|
||||||
|
perms=0o755),
|
||||||
])
|
])
|
||||||
fake_open.assert_has_calls([call(test_done, 'w'),
|
fake_open.assert_has_calls([call(test_done, 'w'),
|
||||||
call(test_init_marker, 'w')],
|
call(test_init_marker, 'w')],
|
||||||
|
|
Loading…
Reference in New Issue