node-rados icon indicating copy to clipboard operation
node-rados copied to clipboard
verified publisher icon ksperis

Fails to connect for limited access user

Open oferb1 opened this issue 8 years ago • 0 comments

I have a user with the following auth entry in ceph:

client.libvirt
	key: [secret]
	caps: [mon] allow r
	caps: [osd] allow class-read object_prefix rbd_children, allow rwx pool=libvirt-pool

Following this guide http://docs.ceph.com/docs/hammer/rbd/libvirt/

here is a sample code, that fails with this user

'use strict'
const rados = require('rados');

console.log('testing with admin account');
let cluster = new rados.Rados('ceph', 'client.admin', '/etc/ceph/ceph.conf');
let err = cluster.connect();
if (err !== 0) {
  console.log(`Failed to connect with error ${err}`);
} else {
  console.log(`fsid: ${cluster.get_fsid()}`);
}

console.log('testing with libvirt account');
cluster = new rados.Rados('ceph', 'client.libvirt', '/etc/ceph/ceph.libvirt.conf');
err = cluster.connect();
if (err !== 0) {
  console.log(`Failed to connect with error ${err}`);
} else { 
  console.log(`fsid: ${cluster.get_fsid()}`);
}

The output is:

testing with admin account
fsid: a3bc6d05-198a-47c2-b3de-b19eb022e406
testing with libvirt account
Failed to connect with error 95

the same user using the rbd tool works fine

# rbd -c /etc/ceph/ceph.libvirt.conf -k /etc/ceph/ceph.client.libvirt.keyring --id libvirt ls libvirt-pool
new-libvirt-image
#

ceph.libvirt.conf

mon_host = 192.168.1.32
keyring = ceph.client.libvirt.keyring

oferb1 avatar Mar 16 '17 18:03 oferb1