[Deepsea-users] Strange behaviour with ceph.stage.configure
LOIC DEVULDER - U329683
loic.devulder at mpsa.com
Tue May 9 09:21:58 MDT 2017
Hi guys!
I have a strange behaviour on my ceph cluster, I try to "simply" execute the configure stage with DeepSea and I have the following error with the admin key:
ylal8620:~ # salt-run state.orch ceph.stage.configure
[WARNING ] Although 'dmidecode' was found in path, the current user cannot execute it. Grains output might not be accurate.
[WARNING ] Although 'dmidecode' was found in path, the current user cannot execute it. Grains output might not be accurate.
[CRITICAL] No suitable gitfs provider module is installed.
[WARNING ] Although 'dmidecode' was found in path, the current user cannot execute it. Grains output might not be accurate.
[WARNING ] Although 'dmidecode' was found in path, the current user cannot execute it. Grains output might not be accurate.
[ERROR ] Run failed on minions: ylal8620.inetpsa.com
Failures:
ylal8620.inetpsa.com:
Data failed to compile:
----------
Rendering SLS 'base:ceph.admin.key.default' failed: Jinja variable 'salt.utils.templates.AliasedLoader object' has no attribute 'keyring.secret'
ylal8620.inetpsa.com_master:
Name: push.proposal - Function: salt.runner - Result: Changed Started: - 17:13:31.858716 Duration: 481.519 ms
Name: refresh_pillar1 - Function: salt.state - Result: Changed Started: - 17:13:32.340671 Duration: 624.121 ms
Name: configure.cluster - Function: salt.runner - Result: Changed Started: - 17:13:32.965248 Duration: 902.821 ms
Name: refresh_pillar2 - Function: salt.state - Result: Changed Started: - 17:13:33.868575 Duration: 636.625 ms
----------
ID: admin key
Function: salt.state
Result: False
Comment: Run failed on minions: ylal8620.inetpsa.com
Failures:
ylal8620.inetpsa.com:
Data failed to compile:
----------
Rendering SLS 'base:ceph.admin.key.default' failed: Jinja variable 'salt.utils.templates.AliasedLoader object' has no attribute 'keyring.secret'
Started: 17:13:34.505359
Duration: 521.657 ms
Changes:
Summary for ylal8620.inetpsa.com_master
------------
Succeeded: 4 (changed=4)
Failed: 1
------------
Total states run: 5
Total run time: 3.167 s
I don't understand what I'm doing wrong... The same thing executes well on my test cluster.
I have searched for keyring.secret (I know that it's a Python function) and the Salt configuration seems to be ok:
ylal8620:~ # grep -r keyring.secret /srv/*
Binary file /srv/modules/runners/populate.pyc matches
/srv/modules/runners/populate.py: Track cluster name, writer, root directory and a keyring secret
/srv/modules/runners/populate.py: The master role can access all keyring secrets
/srv/salt/ceph/admin/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/igw/key/default-shared.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/igw/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/mds/key/default-shared.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/mds/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/mon/key/default.sls: mon_secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/mon/key/default.sls: admin_secret: {{ salt['keyring.secret'](admin_keyring) }}
/srv/salt/ceph/openattic/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/osd/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/rgw/key/default-shared.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
/srv/salt/ceph/rgw/key/default.sls: secret: {{ salt['keyring.secret'](keyring_file) }}
ylal8620:~ # cat /srv/salt/ceph/admin/key/default.sls
{# The mon creation needs this key as well #}
{# Named the file the same as other components, there is only one keyring #}
{% set keyring_file = "/srv/salt/ceph/admin/cache/ceph.client.admin.keyring" %}
{{ keyring_file }}:
file.managed:
- source:
- salt://ceph/admin/files/keyring.j2
- template: jinja
- user: salt
- group: salt
- mode: 600
- makedirs: True
- context:
secret: {{ salt['keyring.secret'](keyring_file) }}
- fire_event: True
ylal8620:~ # cat /srv/salt/ceph/admin/cache/ceph.client.admin.keyring
[client.admin]
key = AQCk1plYAAAAABAAAUCiFWAcXJ3HCXizdojlag==
caps mds = "allow *"
caps mon = "allow *"
caps osd = "allow *"
ylal8620:~ # cat /etc/ceph/ceph.c
ceph.client.admin.keyring ceph.client.openattic.keyring ceph.conf ceph.conf_new ceph.conf_old
ylal8620:~ # cat /etc/ceph/ceph.client.admin.keyring
[client.admin]
key = AQCk1plYAAAAABAAAUCiFWAcXJ3HCXizdojlag==
caps mds = "allow *"
caps mon = "allow *"
caps osd = "allow *"
ylal8620:~ # ll /etc/ceph/
total 28
-rw------- 1 root root 129 Feb 7 16:13 ceph.client.admin.keyring
-rw-rw---- 1 openattic openattic 111 Feb 7 17:43 ceph.client.openattic.keyring
-rw-r--r-- 1 root root 785 May 9 16:12 ceph.conf
-rw-r--r-- 1 root root 785 Feb 15 09:41 ceph.conf_new
-rw-r--r-- 1 root root 336 Feb 9 14:05 ceph.conf_old
-rwxr-xr-x 1 root root 658 Feb 14 14:47 osd_location.sh
-rwxr-xr-x 1 root root 92 Feb 4 01:22 rbdmap
If anyone have an idea, it would be great for me!
Regards / Cordialement,
___________________________________________________________________
PSA Groupe
Loïc Devulder (loic.devulder at mpsa.com)
Senior Linux System Engineer / HPC Specialist
DF/DDCE/ISTA/DSEP/ULES - Linux Team
BESSONCOURT / EXTENSION RIVE DROITE / B19
Internal postal address: SX.BES.15
Phone Incident - Level 3: 22 94 39
Phone Incident - Level 4: 22 92 40
Office: +33 (0)9 66 66 69 06 (27 69 06)
Mobile: +33 (0)6 87 72 47 31
___________________________________________________________________
This message may contain confidential information. If you are not the intended recipient, please advise the sender immediately and delete this message. For further information on confidentiality and the risks inherent in electronic communication see http://disclaimer.psa-peugeot-citroen.com.
More information about the Deepsea-users
mailing list