========
Scanning allows to capture any important details from an already-deployed OSD
so that ``ceph-volume`` can manage it without the need of any other startup
-workflows or tools (like ``udev`` or ``ceph-disk``).
+workflows or tools (like ``udev`` or ``ceph-disk``). Encryption with LUKS or
+PLAIN formats is fully supported.
The command has the ability to inspect a running OSD, by inspecting the
directory where the OSD data is stored, or by consuming the data partition.
* ``type``
* ``whoami``
+If the OSD is encrypted, it will additionally add the following keys:
+
+* ``encrypted``
+* ``encryption_type``
+* ``lockbox_keyring``
+
In the case of any other file, as long as it is not a binary or a directory, it
will also get captured and persisted as part of the JSON object.
"whoami": "1",
-For files that may have more than one line, the contents are left as-is, for
-example, a ``keyring`` could look like this::
+For files that may have more than one line, the contents are left as-is, except
+for keyrings which are treated specially and parsed to extract the keyring. For
+example, a ``keyring`` that gets read as::
+
+ [osd.1]\n\tkey = AQBBJ/dZp57NIBAAtnuQS9WOS0hnLVe0rZnE6Q==\n
+
+Would get stored as::
+
+ "keyring": "AQBBJ/dZp57NIBAAtnuQS9WOS0hnLVe0rZnE6Q==",
- "keyring": "[osd.1]\n\tkey = AQBBJ/dZp57NIBAAtnuQS9WOS0hnLVe0rZnE6Q==\n",
For a directory like ``/var/lib/ceph/osd/ceph-1``, the command could look
like::
ceph-volume simple scan /var/lib/ceph/osd/ceph1
-.. note:: There is no support for encrypted OSDs
-
-
.. _ceph-volume-simple-scan-device:
Device scan
ceph-volume simple scan /dev/sda1
-.. note:: There is no support for encrypted OSDs
-
-
.. _ceph-volume-simple-scan-json:
``JSON`` contents
"uuid": "86ebd829-1405-43d3-8fd6-4cbc9b6ecf96"
},
"fsid": "86ebd829-1405-43d3-8fd6-4cbc9b6ecf96",
- "keyring": "[osd.3]\n\tkey = AQBBJ/dZp57NIBAAtnuQS9WOS0hnLVe0rZnE6Q==\n",
+ "keyring": "AQBBJ/dZp57NIBAAtnuQS9WOS0hnLVe0rZnE6Q==",
"kv_backend": "rocksdb",
"magic": "ceph osd volume v026",
"mkfs_done": "yes",