osd: delete the key file deletion in encryption open init containers
The key file deletion process is in the shell script commonly used by
all of encryption-open, encryption-open-metadata, and
encryption-open-wal init containers. The key file is deleted at the
encryption-open init container, and the encryption-open-metadata and
encryption-open-wal init containers fail to open the key file.

The key file is in the /etc/ceph folder. Unless that folder is shared,
the key file anyway won't be available in the other init containers
even if it is not deleted by these init containers. And it will
naturally anyway be deleted after the init containers are
completed. So the key file deletion process in shell scripts is
unnecessary.

Fixes: #13737

Signed-off-by: Yuma Ogami <yuma-ogami@cybozu.co.jp>
cupnes committed Mar 19, 2024
1 parent a536b36 commit cdd655e
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion pkg/operator/ceph/cluster/osd/spec.go
Expand Up @@ -224,7 +224,6 @@ dmsetup version
function open_encrypted_block {
echo "Opening encrypted device $BLOCK_PATH at $DM_PATH"
cryptsetup luksOpen --verbose --disable-keyring --allow-discards --key-file "$KEY_FILE_PATH" "$BLOCK_PATH" "$DM_NAME"
rm -f "$KEY_FILE_PATH"
}
# This is done for upgraded clusters that did not have the subsystem and label set by the prepare job
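
Review bot: With `rm -f "$KEY_FILE_PATH"` removed from open_encrypted_block, nothing in the function records that the key file is now left in place on purpose, or that cleanup depends on /etc/ceph not being a shared volume, as the commit message assumes. Add a comment after the `cryptsetup luksOpen` line stating that the key file is kept because this script is shared by the encryption-open, encryption-open-metadata and encryption-open-wal init containers, and that KEY_FILE_PATH must stay on storage that is discarded when the init containers complete. Without that, a later change that moves the key onto a shared or persistent volume would leave the LUKS key on disk with no cleanup step to catch it.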