nfs: set idmap config for Ceph-NFS (bp #6338) #6422
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?s=60&v=4){kind=small}
Currently NFS Ganesha (ceph-nfs) consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file is an immutable part of the container image and cannot be modified. Here we provide group variables, and a taskk and templates for the ceph-nfs role, to set the path of the idmap configuration file and to make the most common adjustment to the contents of that file -- namely to set the 'Domain'. We default the path to /etc/ganesha/idmap.conf so that we will not conflict with /etc/idmapd.conf on the controller nodes where ganesha runs. NFSv4 clients, as used for example by the Cinder NFS driver, consume /etc/idmapd.conf and may require different settings than what is wanted for NFS Ganesha. Additionally, because we already bind /etc/ganesha from the host into the ceph-nfs container, the file NFS Ganesha consumes will no longer be an immutable part of the container. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1925646 Signed-off-by: Tom Barron tpb@dyncloud.net Co-Authored-by: Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 2db2208)
|
jenkins test centos-non_container-switch_to_containers |
|
jenkins test centos-non_container-collocation |
|
jenkins test centos-container-lvm_osds |
|
jenkins test centos-container-all_daemons |
|
jenkins test centos-container-collocation |
|
jenkins test centos-container-all_in_one |
|
jenkins test centos-container-external_clients |
|
jenkins test centos-container-lvm_batch |
|
jenkins test centos-container-lvm_osds |
|
jenkins test centos-container-lvm_batch |
|
jenkins test centos-container-external_clients |
|
jenkins test centos-container-all_daemons |
|
jenkins test centos-container-collocation |
|
jenkins test centos-container-all_in_one |
|
jenkins test centos-container-lvm_osds |
|
jenkins test centos-container-all_daemons |
|
jenkins test centos-container-all_in_one |
|
jenkins test centos-container-collocation |
openstack-mirroring
pushed a commit
to openstack-archive/tripleo-heat-templates
that referenced
this pull request
Jun 7, 2021
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file has beenan immutable part of the container image and could not be modified. Recently ceph-ansible was modified to allow the user to set the path for idmapd.conf and to override ini settings in this file by supplying json configuration for the overrides in the same way that it can be supplied for ceph.conf overrides [1]. Also, the default path setting for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is reflected into containerized ganesha under /etc/ganesha, solving the immutability issue. If no overrides are supplied, the file put in this location will match that originally frozen into the container, so there is no issue here with backwards compatibility. This change exposes parameters for idmap.conf file path and override contents in TripleO and passes them into ceph-ansible. It also sets up these parameters for cephadm. Cephadm support for OpenStack Ganesha is WIP so there will likely need to be a followup patch to make these effective when cephadm replaces ceph ansible. [1] ceph/ceph-ansible#6422 Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4
openstack-mirroring
pushed a commit
to openstack/openstack
that referenced
this pull request
Jun 7, 2021
* Update tripleo-heat-templates from branch 'master'
to 8569ec942fa7db465e3b943e6ad1ddd5dfb2d393
- Merge "set ganesha idmap.conf file path and overrides"
- set ganesha idmap.conf file path and overrides
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls
mapping of user/owner identities under NFSv4+. With containerized service
deployment, this file has beenan immutable part of the container image
and could not be modified.
Recently ceph-ansible was modified to allow the user to set the path
for idmapd.conf and to override ini settings in this file by supplying
json configuration for the overrides in the same way that it can be
supplied for ceph.conf overrides [1]. Also, the default path setting
for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is
reflected into containerized ganesha under /etc/ganesha, solving the
immutability issue. If no overrides are supplied, the file put in this
location will match that originally frozen into the container, so there
is no issue here with backwards compatibility.
This change exposes parameters for idmap.conf file path and override
contents in TripleO and passes them into ceph-ansible. It also sets up
these parameters for cephadm. Cephadm support for OpenStack Ganesha
is WIP so there will likely need to be a followup patch to make these
effective when cephadm replaces ceph ansible.
[1] ceph/ceph-ansible#6422
Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4
openstack-mirroring
pushed a commit
to openstack-archive/tripleo-heat-templates
that referenced
this pull request
Jun 8, 2021
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file has beenan immutable part of the container image and could not be modified. Recently ceph-ansible was modified to allow the user to set the path for idmapd.conf and to override ini settings in this file by supplying json configuration for the overrides in the same way that it can be supplied for ceph.conf overrides [1]. Also, the default path setting for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is reflected into containerized ganesha under /etc/ganesha, solving the immutability issue. If no overrides are supplied, the file put in this location will match that originally frozen into the container, so there is no issue here with backwards compatibility. This change exposes parameters for idmap.conf file path and override contents in TripleO and passes them into ceph-ansible. It also sets up these parameters for cephadm. Cephadm support for OpenStack Ganesha is WIP so there will likely need to be a followup patch to make these effective when cephadm replaces ceph ansible. [1] ceph/ceph-ansible#6422 Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4 (cherry picked from commit 9a42686)
openstack-mirroring
pushed a commit
to openstack-archive/tripleo-heat-templates
that referenced
this pull request
Jun 10, 2021
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file has beenan immutable part of the container image and could not be modified. Recently ceph-ansible was modified to allow the user to set the path for idmapd.conf and to override ini settings in this file by supplying json configuration for the overrides in the same way that it can be supplied for ceph.conf overrides [1]. Also, the default path setting for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is reflected into containerized ganesha under /etc/ganesha, solving the immutability issue. If no overrides are supplied, the file put in this location will match that originally frozen into the container, so there is no issue here with backwards compatibility. This change exposes parameters for idmap.conf file path and override contents in TripleO and passes them into ceph-ansible. It also sets up these parameters for cephadm. Cephadm support for OpenStack Ganesha is WIP so there will likely need to be a followup patch to make these effective when cephadm replaces ceph ansible. [1] ceph/ceph-ansible#6422 Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4 (cherry picked from commit 9a42686) (cherry picked from commit b2a8641)
openstack-mirroring
pushed a commit
to openstack-archive/tripleo-heat-templates
that referenced
this pull request
Jun 12, 2021
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file has beenan immutable part of the container image and could not be modified. Recently ceph-ansible was modified to allow the user to set the path for idmapd.conf and to override ini settings in this file by supplying json configuration for the overrides in the same way that it can be supplied for ceph.conf overrides [1]. Also, the default path setting for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is reflected into containerized ganesha under /etc/ganesha, solving the immutability issue. If no overrides are supplied, the file put in this location will match that originally frozen into the container, so there is no issue here with backwards compatibility. This change exposes parameters for idmap.conf file path and override contents in TripleO and passes them into ceph-ansible. It also sets up these parameters for cephadm. Cephadm support for OpenStack Ganesha is WIP so there will likely need to be a followup patch to make these effective when cephadm replaces ceph ansible. [1] ceph/ceph-ansible#6422 Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4 (cherry picked from commit 9a42686) (cherry picked from commit b2a8641) (cherry picked from commit 823ec82)
openstack-mirroring
pushed a commit
to openstack-archive/tripleo-heat-templates
that referenced
this pull request
Jun 15, 2021
Traditionally, Ganesha consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file has beenan immutable part of the container image and could not be modified. Recently ceph-ansible was modified to allow the user to set the path for idmapd.conf and to override ini settings in this file by supplying json configuration for the overrides in the same way that it can be supplied for ceph.conf overrides [1]. Also, the default path setting for the idmapd.conf file is /etc/ganesha/idmap.conf, which already is reflected into containerized ganesha under /etc/ganesha, solving the immutability issue. If no overrides are supplied, the file put in this location will match that originally frozen into the container, so there is no issue here with backwards compatibility. This change exposes parameters for idmap.conf file path and override contents in TripleO and passes them into ceph-ansible. It also sets up these parameters for cephadm. Cephadm support for OpenStack Ganesha is WIP so there will likely need to be a followup patch to make these effective when cephadm replaces ceph ansible. [1] ceph/ceph-ansible#6422 Change-Id: I422e49f0027efbbb25256d8b4718eb0aa78d90a4 (cherry picked from commit 9a42686) (cherry picked from commit b2a8641) (cherry picked from commit 823ec82) (cherry picked from commit e580b84)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an automatic backport of pull request #6338 done by Mergify.
Mergify commands and options
More conditions and actions can be found in the documentation.
You can also trigger Mergify actions by commenting on this pull request:
@Mergifyio refreshwill re-evaluate the rules@Mergifyio rebasewill rebase this PR on its base branch@Mergifyio updatewill merge the base branch into this PR@Mergifyio backport <destination>will backport this PR on<destination>branchAdditionally, on Mergify dashboard you can:
Finally, you can contact us on https://mergify.io/