]> git.proxmox.com Git - pve-storage.git/blob - PVE/CephConfig.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
register ceph.conf parser/writer
[pve-storage.git] / PVE / CephConfig.pm
1 package PVE::CephConfig;
2
3 use strict;
4 use warnings;
5 use Net::IP;
6 use PVE::Tools qw(run_command);
7 use PVE::Cluster qw(cfs_register_file);
8
9 cfs_register_file('ceph.conf',
10 \&parse_ceph_config,
11 \&write_ceph_config);
12
13 sub parse_ceph_config {
14 my ($filename, $raw) = @_;
15
16 my $cfg = {};
17
18 my @lines = split /\n/, $raw;
19
20 my $section;
21
22 foreach my $line (@lines) {
23 $line =~ s/[;#].*$//;
24 $line =~ s/^\s+//;
25 $line =~ s/\s+$//;
26 next if !$line;
27
28 $section = $1 if $line =~ m/^\[(\S+)\]$/;
29 if (!$section) {
30 warn "no section - skip: $line\n";
31 next;
32 }
33
34 if ($line =~ m/^(.*?\S)\s*=\s*(\S.*)$/) {
35 $cfg->{$section}->{$1} = $2;
36 }
37
38 }
39
40 return $cfg;
41 }
42
43 my $parse_ceph_file = sub {
44 my ($filename) = @_;
45
46 my $cfg = {};
47
48 return $cfg if ! -f $filename;
49
50 my $content = PVE::Tools::file_get_contents($filename);
51
52 return parse_ceph_config($filename, $content);
53 };
54
55 sub write_ceph_config {
56 my ($filename, $cfg) = @_;
57
58 my $out = '';
59
60 my $cond_write_sec = sub {
61 my $re = shift;
62
63 foreach my $section (keys %$cfg) {
64 next if $section !~ m/^$re$/;
65 $out .= "[$section]\n";
66 foreach my $key (sort keys %{$cfg->{$section}}) {
67 $out .= "\t $key = $cfg->{$section}->{$key}\n";
68 }
69 $out .= "\n";
70 }
71 };
72
73 &$cond_write_sec('global');
74 &$cond_write_sec('client');
75
76 &$cond_write_sec('mds');
77 &$cond_write_sec('mon');
78 &$cond_write_sec('osd');
79 &$cond_write_sec('mgr');
80
81 &$cond_write_sec('mds\..*');
82 &$cond_write_sec('mon\..*');
83 &$cond_write_sec('osd\..*');
84 &$cond_write_sec('mgr\..*');
85
86 return $out;
87 }
88
89 my $ceph_get_key = sub {
90 my ($keyfile, $username) = @_;
91
92 my $key = $parse_ceph_file->($keyfile);
93 my $secret = $key->{"client.$username"}->{key};
94
95 return $secret;
96 };
97
98 sub get_monaddr_list {
99 my ($configfile) = shift;
100
101 my $server;
102
103 if (!defined($configfile)) {
104 warn "No ceph config specified\n";
105 return;
106 }
107
108 my $config = $parse_ceph_file->($configfile);
109 @$server = sort map { $config->{$_}->{'mon addr'} } grep {/mon/} %{$config};
110
111 return join(',', @$server);
112 };
113
114 sub hostlist {
115 my ($list_text, $separator) = @_;
116
117 my @monhostlist = PVE::Tools::split_list($list_text);
118 return join($separator, map {
119 my ($host, $port) = PVE::Tools::parse_host_and_port($_);
120 $port = defined($port) ? ":$port" : '';
121 $host = "[$host]" if Net::IP::ip_is_ipv6($host);
122 "${host}${port}"
123 } @monhostlist);
124 }
125
126 my $ceph_check_keyfile = sub {
127 my ($filename, $type) = @_;
128
129 return if ! -f $filename;
130
131 my $content = PVE::Tools::file_get_contents($filename);
132 eval {
133 die if !$content;
134
135 if ($type eq 'rbd') {
136 die if $content !~ /\s*\[\S+\]\s*key\s*=\s*\S+==\s*$/m;
137 } elsif ($type eq 'cephfs') {
138 die if $content !~ /\S+==\s*$/;
139 }
140 };
141 die "Not a proper $type authentication file: $filename\n" if $@;
142
143 return undef;
144 };
145
146 sub ceph_connect_option {
147 my ($scfg, $storeid, %options) = @_;
148
149 my $cmd_option = {};
150 my $ceph_storeid_conf = "/etc/pve/priv/ceph/${storeid}.conf";
151 my $pveceph_config = '/etc/pve/ceph.conf';
152 my $keyfile = "/etc/pve/priv/ceph/${storeid}.keyring";
153 $keyfile = "/etc/pve/priv/ceph/${storeid}.secret" if ($scfg->{type} eq 'cephfs');
154 my $pveceph_managed = !defined($scfg->{monhost});
155
156 $cmd_option->{ceph_conf} = $pveceph_config if $pveceph_managed;
157
158 $ceph_check_keyfile->($keyfile, $scfg->{type});
159
160 if (-e $ceph_storeid_conf) {
161 if ($pveceph_managed) {
162 warn "ignoring custom ceph config for storage '$storeid', 'monhost' is not set (assuming pveceph managed cluster)!\n";
163 } else {
164 $cmd_option->{ceph_conf} = $ceph_storeid_conf;
165 }
166 }
167
168 $cmd_option->{keyring} = $keyfile if (-e $keyfile);
169 $cmd_option->{auth_supported} = (defined $cmd_option->{keyring}) ? 'cephx' : 'none';
170 $cmd_option->{userid} = $scfg->{username} ? $scfg->{username} : 'admin';
171 $cmd_option->{mon_host} = hostlist($scfg->{monhost}, ',') if (defined($scfg->{monhost}));
172
173 if (%options) {
174 foreach my $k (keys %options) {
175 $cmd_option->{$k} = $options{$k};
176 }
177 }
178
179 return $cmd_option;
180
181 }
182
183 sub ceph_create_keyfile {
184 my ($type, $storeid) = @_;
185
186 my $extension = 'keyring';
187 $extension = 'secret' if ($type eq 'cephfs');
188
189 my $ceph_admin_keyring = '/etc/pve/priv/ceph.client.admin.keyring';
190 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
191
192 die "ceph authx keyring file for storage '$storeid' already exists!\n"
193 if -e $ceph_storage_keyring;
194
195 if (-e $ceph_admin_keyring) {
196 eval {
197 if ($type eq 'rbd') {
198 mkdir '/etc/pve/priv/ceph';
199 PVE::Tools::file_copy($ceph_admin_keyring, $ceph_storage_keyring);
200 } elsif ($type eq 'cephfs') {
201 my $secret = $ceph_get_key->($ceph_admin_keyring, 'admin');
202 mkdir '/etc/pve/priv/ceph';
203 PVE::Tools::file_set_contents($ceph_storage_keyring, $secret, 0400);
204 }
205 };
206 if (my $err = $@) {
207 unlink $ceph_storage_keyring;
208 die "failed to copy ceph authx $extension for storage '$storeid': $err\n";
209 }
210 } else {
211 warn "$ceph_admin_keyring not found, authentication is disabled.\n";
212 }
213 }
214
215 sub ceph_remove_keyfile {
216 my ($type, $storeid) = @_;
217
218 my $extension = 'keyring';
219 $extension = 'secret' if ($type eq 'cephfs');
220 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.$extension";
221
222 if (-f $ceph_storage_keyring) {
223 unlink($ceph_storage_keyring) or warn "removing keyring of storage failed: $!\n";
224 }
225 }
226
227 1;
Storage library