Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CephNFS: Some fixes for mounting CephNFS using Kerberos auth #12086

Merged
merged 2 commits into from
Apr 14, 2023
Merged

CephNFS: Some fixes for mounting CephNFS using Kerberos auth #12086

merged 2 commits into from
Apr 14, 2023

Conversation

spuiuk
Copy link
Contributor

@spuiuk spuiuk commented Apr 13, 2023

While testing kerberos mounting of CephNFS resources, I came across a few problems which prevent the use of the CephNFS share being used with kerberos authentication. This set of changes fix a part of the problems we see with mounting cephNFS shares using kerberos.

Which issue is resolved by this Pull Request:
#11870
#11925

Checklist:

  • [*] Commit Message Formatting: Commit titles and messages follow guidelines in the developer guide).
  • [*] Skip Tests for Docs: If this is only a documentation change, add the label skip-ci on the PR.
  • [*] Reviewed the developer guide on Submitting a Pull Request
  • [*] Pending release notes updated with breaking and/or notable changes for the next minor release.
  • [*] Documentation has been updated, if necessary.
  • [*] Unit tests have been added, if necessary.
  • [*] Integration tests have been added, if necessary.

@travisn travisn requested a review from BlaineEXE April 13, 2023 18:34
@BlaineEXE
Copy link
Member

Simple. I love it.

@spuiuk the commitlint bot is complaining about the capital D in nfs: Do not .... Could you take care of that so we don't see the error for the backports as well?

@spuiuk
nfs: do not restrict search domain to localhost
08d83a3 
Adding the search domain localhost causes lookup failures.

Many DNS servers have a wildcard entry *.localhost which returns
127.0.0.1. Adding a "search localhost" to resolv.conf appends a
".localhost" for every host lookup for which the DNS server returns
127.0.0.1 which causes failures further down the execution path.

example: with localhost in the search domains
 # ping google.com
PING google.com.localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.071 ms

Closes: rook#11870
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
@spuiuk
nfs: set nsswitch.conf to lookup local files
d3636aa 
When using sssd, the /etc/nsswitch.conf should also include local files
for lookups. This is required when looking up uid 0 and the root user
which are not handled by ldap or other sources.

Closes: rook#11925
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
@spuiuk
Copy link
Contributor Author

spuiuk commented Apr 14, 2023

@BlaineEXE , Thanks. My first encounter with commitlint.

There seems to be a flaky test since the only change I made was to the commit summary.

@BlaineEXE BlaineEXE merged commit e686348 into rook:master Apr 14, 2023
47 of 50 checks passed
@mergify mergify bot mentioned this pull request Apr 14, 2023
Merged
BlaineEXE added a commit that referenced this pull request Apr 18, 2023
@BlaineEXE
Merge pull request #12093 from rook/mergify/bp/release-1.11/pr-12086
445120e 
CephNFS: Some fixes for mounting CephNFS using Kerberos auth (backport #12086)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BlaineEXE BlaineEXE BlaineEXE approved these changes

Assignees
No one assigned
Labels
backport-release-1.11 ceph-nfs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@spuiuk @BlaineEXE