Merge lp:~james-page/charms/precise/ceph/fixup-mon-perms into lp:~charmers/charms/precise/ceph/trunk
Proposed by
James Page
Status: | Merged | ||||
---|---|---|---|---|---|
Merged at revision: | 65 | ||||
Proposed branch: | lp:~james-page/charms/precise/ceph/fixup-mon-perms | ||||
Merge into: | lp:~charmers/charms/precise/ceph/trunk | ||||
Diff against target: |
71 lines (+29/-2) 2 files modified
hooks/ceph.py (+15/-2) hooks/hooks.py (+14/-0) |
||||
To merge this branch: | bzr merge lp:~james-page/charms/precise/ceph/fixup-mon-perms | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Adam Gandelman (community) | Approve | ||
Review via email: mp+186997@code.launchpad.net |
Description of the change
Fixup mon permissions for client and radosgw so pools can be created still
To post a comment you must log in.
This looks good. As discussed, one concern with increasing the mon permissions is that each client can now delete any pool. Since we can infer the name of the pool the client is creating, it would be nice/safer to restrict the mon operations to a the client's pool but ceph does not appear to allow restricting mon operations to a single pool (like with 'osd allow rw pool=foo'). Lets go ahead with this patch and make sure we follow up with a patch to allow new clients to have their pools created by the ceph charm thus allowing for the rw perm to be removed (which should not break compatibility since the client does not attempt to create the pool if it already exists).