From 1cfb0308b95eb1936b290a65fe4079fad1abce35 Mon Sep 17 00:00:00 2001
From: portdirect <pete@port.direct>
Date: Sat, 24 Feb 2018 20:05:36 -0500
Subject: [PATCH] Ceph: remove unrequired keyrings from pods
This PS removes unrequired keyrings from being mounted into ceph
pods.
Change-Id: If224796a4579cde195954ab806c20be7a1974ecd
---
ceph/templates/daemonset-osd.yaml | 33 -------------------------
ceph/templates/deployment-mds.yaml | 21 ----------------
ceph/templates/deployment-mgr.yaml | 21 ----------------
ceph/templates/deployment-moncheck.yaml | 21 ----------------
ceph/templates/deployment-rgw.yaml | 21 ----------------
5 files changed, 117 deletions(-)
diff --git a/ceph/templates/daemonset-osd.yaml b/ceph/templates/daemonset-osd.yaml
index 9a9934abd6..5c23545942 100644
--- a/ceph/templates/daemonset-osd.yaml
+++ b/ceph/templates/daemonset-osd.yaml
@@ -106,22 +106,10 @@ spec:
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: false
- - name: ceph-mon-keyring
- mountPath: /etc/ceph/ceph.mon.keyring
- subPath: ceph.mon.keyring
- readOnly: false
- name: ceph-bootstrap-osd-keyring
mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
subPath: ceph.keyring
readOnly: false
- - name: ceph-bootstrap-mds-keyring
- mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-rgw-keyring
- mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: devices
mountPath: /dev
readOnly: false
@@ -212,22 +200,10 @@ spec:
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: false
- - name: ceph-mon-keyring
- mountPath: /etc/ceph/ceph.mon.keyring
- subPath: ceph.mon.keyring
- readOnly: false
- name: ceph-bootstrap-osd-keyring
mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
subPath: ceph.keyring
readOnly: false
- - name: ceph-bootstrap-mds-keyring
- mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-rgw-keyring
- mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: devices
mountPath: /dev
readOnly: false
@@ -269,18 +245,9 @@ spec:
- name: ceph-client-admin-keyring
secret:
secretName: {{ .Values.secrets.keyrings.admin }}
- - name: ceph-mon-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mon }}
- name: ceph-bootstrap-osd-keyring
secret:
secretName: {{ .Values.secrets.keyrings.osd }}
- - name: ceph-bootstrap-mds-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mds }}
- - name: ceph-bootstrap-rgw-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.rgw }}
# NOTE(portdirect): If directory mounts are to be used for OSD's
# they will automaticly be inserted here, with the format:
# - name: data
diff --git a/ceph/templates/deployment-mds.yaml b/ceph/templates/deployment-mds.yaml
index 63bf4653fe..832d9a05f1 100644
--- a/ceph/templates/deployment-mds.yaml
+++ b/ceph/templates/deployment-mds.yaml
@@ -95,22 +95,10 @@ spec:
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: true
- - name: ceph-mon-keyring
- mountPath: /etc/ceph/ceph.mon.keyring
- subPath: ceph.mon.keyring
- readOnly: true
- - name: ceph-bootstrap-osd-keyring
- mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: ceph-bootstrap-mds-keyring
mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
subPath: ceph.keyring
readOnly: false
- - name: ceph-bootstrap-rgw-keyring
- mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: pod-var-lib-ceph
mountPath: /var/lib/ceph
readOnly: false
@@ -134,16 +122,7 @@ spec:
- name: ceph-client-admin-keyring
secret:
secretName: {{ .Values.secrets.keyrings.admin }}
- - name: ceph-mon-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mon }}
- - name: ceph-bootstrap-osd-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.osd }}
- name: ceph-bootstrap-mds-keyring
secret:
secretName: {{ .Values.secrets.keyrings.mds }}
- - name: ceph-bootstrap-rgw-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.rgw }}
{{- end }}
diff --git a/ceph/templates/deployment-mgr.yaml b/ceph/templates/deployment-mgr.yaml
index 84af8dce6a..8f52a7aa6f 100644
--- a/ceph/templates/deployment-mgr.yaml
+++ b/ceph/templates/deployment-mgr.yaml
@@ -122,18 +122,6 @@ spec:
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: true
- - name: ceph-mon-keyring
- mountPath: /etc/ceph/ceph.mon.keyring
- subPath: ceph.mon.keyring
- readOnly: true
- - name: ceph-bootstrap-osd-keyring
- mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-mds-keyring
- mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: ceph-bootstrap-mgr-keyring
mountPath: /var/lib/ceph/bootstrap-mgr/ceph.keyring
subPath: ceph.keyring
@@ -163,15 +151,6 @@ spec:
- name: ceph-client-admin-keyring
secret:
secretName: {{ .Values.secrets.keyrings.admin }}
- - name: ceph-mon-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mon }}
- - name: ceph-bootstrap-osd-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.osd }}
- - name: ceph-bootstrap-mds-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mds }}
- name: ceph-bootstrap-mgr-keyring
secret:
secretName: {{ .Values.secrets.keyrings.mgr }}
diff --git a/ceph/templates/deployment-moncheck.yaml b/ceph/templates/deployment-moncheck.yaml
index 7ada6f5994..b27d601810 100644
--- a/ceph/templates/deployment-moncheck.yaml
+++ b/ceph/templates/deployment-moncheck.yaml
@@ -95,18 +95,6 @@ spec:
mountPath: /etc/ceph/ceph.mon.keyring
subPath: ceph.mon.keyring
readOnly: true
- - name: ceph-bootstrap-osd-keyring
- mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-mds-keyring
- mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-rgw-keyring
- mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: pod-var-lib-ceph
mountPath: /var/lib/ceph
readOnly: false
@@ -133,13 +121,4 @@ spec:
- name: ceph-mon-keyring
secret:
secretName: {{ .Values.secrets.keyrings.mon }}
- - name: ceph-bootstrap-osd-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.osd }}
- - name: ceph-bootstrap-mds-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mds }}
- - name: ceph-bootstrap-rgw-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.rgw }}
{{- end }}
diff --git a/ceph/templates/deployment-rgw.yaml b/ceph/templates/deployment-rgw.yaml
index 42324c4ecc..63de3475e6 100644
--- a/ceph/templates/deployment-rgw.yaml
+++ b/ceph/templates/deployment-rgw.yaml
@@ -134,18 +134,6 @@ spec:
mountPath: /etc/ceph/ceph.client.admin.keyring
subPath: ceph.client.admin.keyring
readOnly: true
- - name: ceph-mon-keyring
- mountPath: /etc/ceph/ceph.mon.keyring
- subPath: ceph.mon.keyring
- readOnly: true
- - name: ceph-bootstrap-osd-keyring
- mountPath: /var/lib/ceph/bootstrap-osd/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- - name: ceph-bootstrap-mds-keyring
- mountPath: /var/lib/ceph/bootstrap-mds/ceph.keyring
- subPath: ceph.keyring
- readOnly: false
- name: ceph-bootstrap-rgw-keyring
mountPath: /var/lib/ceph/bootstrap-rgw/ceph.keyring
subPath: ceph.keyring
@@ -175,15 +163,6 @@ spec:
- name: ceph-client-admin-keyring
secret:
secretName: {{ .Values.secrets.keyrings.admin }}
- - name: ceph-mon-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mon }}
- - name: ceph-bootstrap-osd-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.osd }}
- - name: ceph-bootstrap-mds-keyring
- secret:
- secretName: {{ .Values.secrets.keyrings.mds }}
- name: ceph-bootstrap-rgw-keyring
secret:
secretName: {{ .Values.secrets.keyrings.rgw }}