Alex Chernyakhovsky
Alex Chernyakhovsky
Looks pretty good, although I'm currently debating if we want python/ or src/python. Have you had a chance to look at how to integrate this with the build system?
Patch in #1332508 looks good as-is, submit a PR. #1153517 I am not so sure about. Hesiod fundamentally does not support DNSSEC; root accounts/injection should be prevented by using something...
Hm, this seems to break the tests ``` Can't initialize hesiod library. FAIL: hestest.conf ``` @nalind Can you take a look at the failure?
I would be okay with pointing hestest at a config file. That seems most correct if you're improving the unconfigured state.
See also #1065
I used `object.yaml`, yes. My read of `object-external.yaml` is it's trying to set up a CRD pointing to an external rgw -- which I don't have. I actually do want...
@BlaineEXE you are correct the admin key is not present. Or rather, what it's in `kubectl get secret -n rook-ceph-external rook-ceph-mon -o json` is `"admin-secret": "YWRtaW4tc2VjcmV0",`, which base64-decodes to `admin-secret`....
@BlaineEXE I tried passing `--keyring` and `--ceph-conf` as you suggested, ``` python3 ./rook/create-external-cluster-resources.py --rbd-data-pool-name=ssdpool --cephfs-data-pool-name=cephfs_data_ec --format=bash --output=no_key.sh python3 ./rook/create-external-cluster-resources.py --rbd-data-pool-name=ssdpool --cephfs-data-pool-name=cephfs_data_ec --format=bash --output=key.sh --keyring=/etc/pve/priv/ceph.client.admin.keyring --ceph-conf=/etc/pve/ceph.conf diff -u no_key.sh key.sh ```...
@parth-gr as I mentioned in my initial comment I do not have an existing radosgw configuration for this external ceph cluster, and my goal is to get rook to provision...