]>
Commit | Line | Data |
---|---|---|
11fdf7f2 TL |
1 | =================== |
2 | config-key layout | |
3 | =================== | |
4 | ||
5 | *config-key* is a general-purpose key/value storage service offered by | |
6 | the mons. Generally speaking, you can put whatever you want there. | |
7 | Current in-tree users should be captured here with their key layout | |
8 | schema. | |
9 | ||
10 | OSD dm-crypt keys | |
11 | ================= | |
12 | ||
13 | Key:: | |
14 | ||
15 | dm-crypt/osd/$OSD_UUID/luks = <json string> | |
16 | ||
17 | The JSON payload has the form:: | |
18 | ||
19 | { "dm-crypt": <secret> } | |
20 | ||
21 | where the secret is a base64 encoded LUKS key. | |
22 | ||
23 | Created by the 'osd new' command (see OSDMonitor.cc). | |
24 | ||
25 | Consumed by ceph-volume, and similar tools. Normally access to the | |
26 | dm-crypt/osd/$OSD_UUID prefix is allowed by a client.osd-lockbox.$OSD_UUID | |
27 | cephx key, such that only the appropriate host can retrieve the LUKS key (which | |
28 | in turn decrypts the actual raw key, also stored on the device itself). | |
29 | ||
30 | ||
31 | ceph-mgr modules | |
32 | ================ | |
33 | ||
34 | The convention for keys is:: | |
35 | ||
36 | mgr/$MODULE/$option = $value | |
37 | ||
38 | or:: | |
39 | ||
40 | mgr/$MODULE/$MGRID/$option = $value | |
41 | ||
42 | For example,:: | |
43 | ||
44 | mgr/dashboard/server_port = 80 | |
45 | mgr/dashboard/foo/server_addr = 1.2.3.4 | |
46 | mgr/dashboard/bar/server_addr = 1.2.3.5 | |
47 | ||
48 | ||
49 | Configuration | |
50 | ============= | |
51 | ||
52 | Configuration options for clients and daemons are also stored in config-key. | |
53 | ||
54 | Keys take the form:: | |
55 | ||
56 | config/$option = $value | |
57 | config/$type/$option = $value | |
58 | config/$type.$id/$option = $value | |
59 | config/$type.$id/$mask[/$mask2...]/$option = $value | |
60 | ||
61 | Where | |
62 | ||
63 | * `type` is a daemon type (`osd`, `mon`, `mds`, `mgr`, `client`) | |
64 | * `id` is a daemon id (e.g., `0`, `foo`), such that `$type.$id` is something like `osd.123` or `mds.foo`) | |
65 | * `mask` restricts who the option applies to, and can take two forms: | |
66 | ||
67 | #. `$crush_type:$crush_value`. For example, `rack:foorack` | |
68 | #. `class:$classname`, in reference to CRUSH device classes (e.g., `ssd`) |