[stgt] Patch for adding virsecretuuid & cephx_key ids to --bsopts

Dan Mick dan.mick at inktank.com
Wed Jun 18 07:49:05 CEST 2014


I've seen this; I'm traveling/busy this week so will try to give it some 
thought, but no promises


On 06/17/2014 08:30 AM, FUJITA Tomonori wrote:
> Added Dan to To:
>
> On Tue, 17 Jun 2014 08:49:14 -0400
> Scott Sullivan <ssullivan at liquidweb.com> wrote:
>
>> Hello,
>>
>> Below is a patch that adds two new params to --bsopts for RBD backing
>> stores (virsecretuuid & cephx_key). This was very useful for me, since
>> it is nice to be able to give the required authentication detail in
>> the same place as the id. I have tested and both options work, as well
>> as the error condition if both options are given (made them conflict).
>>
>> I have verified the patch passes scripts/checkpatch.pl style
>> guidelines. Is there any interest in applying this patch? Im using
>> this internally with success; for us at least this is a desirable
>> thing to have.
>>
>>
>>  From 5359b581c5e7bf434979becaefc53a711ef88432 Mon Sep 17 00:00:00 2001
>> From: Scott Sullivan <ssullivan at liquidweb.com>
>> Date: Tue, 17 Jun 2014 08:16:09 -0400
>> Subject: [PATCH] bsopts: Add virsecretuuid && cephx_key
>>
>> Allow passing either a libvirt secret UUID, or a cephx_key to
>> --bsopts. Options are
>> conflicting, so error if both options given. This allows one to do
>> this:
>>
>> --bsopts="conf=/etc/ceph/ceph.conf;id=cephx_user;virsecretuuid=$MY_LIBVIRT_SECRET_UUID"
>> -OR-
>> --bsopts="conf=/etc/ceph/ceph.conf;id=cephx_user;cephx_key=$MY_KEY"
>>
>> Signed-off-by: Scott Sullivan <ssullivan at liquidweb.com>
>> ---
>>   usr/bs_rbd.c | 64
>>   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>   1 file changed, 64 insertions(+)
>>
>> diff --git a/usr/bs_rbd.c b/usr/bs_rbd.c
>> index 3a052ed..86857b9 100644
>> --- a/usr/bs_rbd.c
>> +++ b/usr/bs_rbd.c
>> @@ -517,6 +517,9 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>> char *bsopts)
>>       struct active_rbd *rbd = RBDP(lu);
>>       char *confname = NULL;
>>       char *clientid = NULL;
>> +    char *virsecretuuid = NULL;
>> +    char *given_cephx_key = NULL;
>> +    char disc_cephx_key[256];
>>       char *clustername = NULL;
>>       char clientid_full[128];
>>       char *ignore = NULL;
>> @@ -532,6 +535,10 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>> char *bsopts)
>>               clientid = slurp_value(&bsopts);
>>           else if (is_opt("cluster", bsopts))
>>               clustername = slurp_value(&bsopts);
>> +        else if (is_opt("virsecretuuid", bsopts))
>> +            virsecretuuid = slurp_value(&bsopts);
>> +        else if (is_opt("cephx_key", bsopts))
>> +            given_cephx_key = slurp_value(&bsopts);
>>           else {
>>               ignore = slurp_to_semi(&bsopts);
>>               eprintf("bs_rbd: ignoring unknown option \"%s\"\n",
>> @@ -547,6 +554,41 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>> char *bsopts)
>>           eprintf("bs_rbd_init: confname %s\n", confname);
>>       if (clustername)
>>           eprintf("bs_rbd_init: clustername %s\n", clustername);
>> +    if (virsecretuuid)
>> +        eprintf("bs_rbd_init: virsecretuuid %s\n", virsecretuuid);
>> +    if (given_cephx_key)
>> + eprintf("bs_rbd_init: given_cephx_key %s\n", given_cephx_key);
>> +
>> +    /* virsecretuuid && given_cephx_key are conflicting options. */
>> +    if (virsecretuuid && given_cephx_key) {
>> + eprintf("Conflicting options virsecretuuid=[%s] cephx_key=[%s]",
>> +            virsecretuuid, given_cephx_key);
>> +        goto fail;
>> +    }
>> +
>> +    /* Get stored key from secret uuid. */
>> +    if (virsecretuuid) {
>> + char libvir_uuid_file_path_buf[256] = "/etc/libvirt/secrets/";
>> +        strcat(libvir_uuid_file_path_buf, virsecretuuid);
>> +        strcat(libvir_uuid_file_path_buf, ".base64");
>> +
>> +        FILE *fp;
>> +        fp = fopen(libvir_uuid_file_path_buf , "r");
>> +        if (fp == NULL) {
>> +            eprintf("bs_rbd_init: Unable to read %s\n",
>> +                libvir_uuid_file_path_buf);
>> +            goto fail;
>> +        }
>> +        if (fgets(disc_cephx_key, 256, fp) == NULL) {
>> +            eprintf("bs_rbd_init: Unable to read %s\n",
>> +                libvir_uuid_file_path_buf);
>> +            goto fail;
>> +        }
>> +        fclose(fp);
>> +        strtok(disc_cephx_key, "\n");
>> +
>> +        eprintf("bs_rbd_init: disc_cephx_key %s\n", disc_cephx_key);
>> +    }
>>
>>       eprintf("bs_rbd_init bsopts=%s\n", bsopts);
>>       /*
>> @@ -570,6 +612,7 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>> char *bsopts)
>>           eprintf("bs_rbd_init: rados_create: %d\n", rados_ret);
>>           return ret;
>>       }
>> +
>>       /*
>>        * Read config from environment, then conf file(s) which may
>>        * be set by conf=
>> @@ -584,6 +627,23 @@ static tgtadm_err bs_rbd_init(struct scsi_lu *lu,
>> char *bsopts)
>>           eprintf("bs_rbd_init: rados_conf_read_file: %d\n", rados_ret);
>>           goto fail;
>>       }
>> +
>> +    /* Set given key */
>> +    if (virsecretuuid) {
>> + if (rados_conf_set(rbd->cluster, "key", disc_cephx_key) < 0) {
>> +            eprintf("bs_rbd_init: failed to set cephx_key: %s\n",
>> +                disc_cephx_key);
>> +            goto fail;
>> +        }
>> +    }
>> +    if (given_cephx_key) {
>> + if (rados_conf_set(rbd->cluster, "key", given_cephx_key) < 0) {
>> +            eprintf("bs_rbd_init: failed to set cephx_key: %s\n",
>> +                given_cephx_key);
>> +            goto fail;
>> +        }
>> +    }
>> +
>>       rados_ret = rados_connect(rbd->cluster);
>>       if (rados_ret < 0) {
>>           eprintf("bs_rbd_init: rados_connect: %d\n", rados_ret);
>> @@ -595,6 +655,10 @@ fail:
>>           free(confname);
>>       if (clientid)
>>           free(clientid);
>> +    if (virsecretuuid)
>> +        free(virsecretuuid);
>> +    if (given_cephx_key)
>> +        free(given_cephx_key);
>>
>>       return ret;
>>   }
>> -- 
>> 1.7.10.4
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe stgt" in
>> the body of a message to majordomo at vger.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html

--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the stgt mailing list