]>
git.proxmox.com Git - pve-storage.git/blob - PVE/CephConfig.pm
1 package PVE
::CephConfig
;
6 use PVE
::Tools
qw(run_command);
7 use PVE
::Cluster
qw(cfs_register_file);
9 cfs_register_file
('ceph.conf',
13 sub parse_ceph_config
{
14 my ($filename, $raw) = @_;
17 return $cfg if !defined($raw);
19 my @lines = split /\n/, $raw;
23 foreach my $line (@lines) {
30 $section = $1 if $line =~ m/^\[(\S+)\]$/;
32 warn "no section - skip: $line\n";
36 if ($line =~ m/^(.*?\S)\s*=\s*(\S.*)$/) {
37 my ($key, $val) = ($1, $2);
38 # ceph treats ' ', '_' and '-' in keys the same, so lets do too
40 $cfg->{$section}->{$key} = $val;
48 my $parse_ceph_file = sub {
53 return $cfg if ! -f
$filename;
55 my $content = PVE
::Tools
::file_get_contents
($filename);
57 return parse_ceph_config
($filename, $content);
60 sub write_ceph_config
{
61 my ($filename, $cfg) = @_;
65 my $cond_write_sec = sub {
68 foreach my $section (sort keys %$cfg) {
69 next if $section !~ m/^$re$/;
70 $out .= "[$section]\n";
71 foreach my $key (sort keys %{$cfg->{$section}}) {
72 $out .= "\t $key = $cfg->{$section}->{$key}\n";
78 &$cond_write_sec('global');
79 &$cond_write_sec('client');
81 &$cond_write_sec('mds');
82 &$cond_write_sec('mon');
83 &$cond_write_sec('osd');
84 &$cond_write_sec('mgr');
86 &$cond_write_sec('mds\..*');
87 &$cond_write_sec('mon\..*');
88 &$cond_write_sec('osd\..*');
89 &$cond_write_sec('mgr\..*');
94 my $ceph_get_key = sub {
95 my ($keyfile, $username) = @_;
97 my $key = $parse_ceph_file->($keyfile);
98 my $secret = $key->{"client.$username"}->{key
};
105 my ($host, $port) = PVE
::Tools
::parse_host_and_port
($hostport);
106 if (!defined($host)) {
109 $port = defined($port) ?
":$port" : '';
110 $host = "[$host]" if Net
::IP
::ip_is_ipv6
($host);
111 return "${host}${port}";
114 sub get_monaddr_list
{
115 my ($configfile) = shift;
117 if (!defined($configfile)) {
118 warn "No ceph config specified\n";
122 my $config = $parse_ceph_file->($configfile);
124 my $monhostlist = {};
126 # get all ip adresses from mon_host
127 my $monhosts = [ split (/[ ,;]+/, $config->{global
}->{mon_host
} // "") ];
129 foreach my $monhost (@$monhosts) {
130 $monhost =~ s/^\[?v\d\://; # remove beginning of vector
131 $monhost =~ s
|/\d
+\
]?
||; # remove end of vector
132 my $host = $get_host->($monhost);
134 $monhostlist->{$host} = 1;
138 # then get all addrs from mon. sections
139 for my $section ( keys %$config ) {
140 next if $section !~ m/^mon\./;
142 if (my $addr = $config->{$section}->{mon_addr
}) {
143 $monhostlist->{$addr} = 1;
147 return join(',', sort keys %$monhostlist);
151 my ($list_text, $separator) = @_;
153 my @monhostlist = PVE
::Tools
::split_list
($list_text);
154 return join($separator, map { $get_host->($_) } @monhostlist);
157 my $ceph_check_keyfile = sub {
158 my ($filename, $type) = @_;
160 return if ! -f
$filename;
162 my $content = PVE
::Tools
::file_get_contents
($filename);
166 if ($type eq 'rbd') {
167 die if $content !~ /\s*\[\S+\]\s*key\s*=\s*\S+==\s*$/m;
168 } elsif ($type eq 'cephfs') {
169 die if $content !~ /\S+==\s*$/;
172 die "Not a proper $type authentication file: $filename\n" if $@;
177 sub ceph_connect_option
{
178 my ($scfg, $storeid, %options) = @_;
181 my $ceph_storeid_conf = "/etc/pve/priv/ceph/${storeid}.conf";
182 my $pveceph_config = '/etc/pve/ceph.conf';
183 my $keyfile = "/etc/pve/priv/ceph/${storeid}.keyring";
184 $keyfile = "/etc/pve/priv/ceph/${storeid}.secret" if ($scfg->{type
} eq 'cephfs');
185 my $pveceph_managed = !defined($scfg->{monhost
});
187 $cmd_option->{ceph_conf
} = $pveceph_config if $pveceph_managed;
189 $ceph_check_keyfile->($keyfile, $scfg->{type
});
191 if (-e
$ceph_storeid_conf) {
192 if ($pveceph_managed) {
193 warn "ignoring custom ceph config for storage '$storeid', 'monhost' is not set (assuming pveceph managed cluster)!\n";
195 $cmd_option->{ceph_conf
} = $ceph_storeid_conf;
199 $cmd_option->{keyring
} = $keyfile if (-e
$keyfile);
200 $cmd_option->{auth_supported
} = (defined $cmd_option->{keyring
}) ?
'cephx' : 'none';
201 $cmd_option->{userid
} = $scfg->{username
} ?
$scfg->{username
} : 'admin';
202 $cmd_option->{mon_host
} = hostlist
($scfg->{monhost
}, ',') if (defined($scfg->{monhost
}));
205 foreach my $k (keys %options) {
206 $cmd_option->{$k} = $options{$k};
214 sub ceph_create_keyfile
{
215 my ($type, $storeid) = @_;
217 my $extension = 'keyring';
218 $extension = 'secret' if ($type eq 'cephfs');
220 my $ceph_admin_keyring = '/etc/pve/priv/ceph.client.admin.keyring';
221 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
223 die "ceph authx keyring file for storage '$storeid' already exists!\n"
224 if -e
$ceph_storage_keyring;
226 if (-e
$ceph_admin_keyring) {
228 if ($type eq 'rbd') {
229 mkdir '/etc/pve/priv/ceph';
230 PVE
::Tools
::file_copy
($ceph_admin_keyring, $ceph_storage_keyring);
231 } elsif ($type eq 'cephfs') {
232 my $secret = $ceph_get_key->($ceph_admin_keyring, 'admin');
233 mkdir '/etc/pve/priv/ceph';
234 PVE
::Tools
::file_set_contents
($ceph_storage_keyring, $secret, 0400);
238 unlink $ceph_storage_keyring;
239 die "failed to copy ceph authx $extension for storage '$storeid': $err\n";
242 warn "$ceph_admin_keyring not found, authentication is disabled.\n";
246 sub ceph_remove_keyfile
{
247 my ($type, $storeid) = @_;
249 my $extension = 'keyring';
250 $extension = 'secret' if ($type eq 'cephfs');
251 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
253 if (-f
$ceph_storage_keyring) {
254 unlink($ceph_storage_keyring) or warn "removing keyring of storage failed: $!\n";