These are chat archives for ceph/ceph-cookbook

18th
May 2015
Sergio de Carvalho
@scarvalhojr
May 18 2015 23:03
Hi, I'm having trouble to deploy a Ceph cluster with the ceph-cookbook using an encrypted data bag (EDB) to store the monitor and OSD secrets (I can deploy a cluster just fine if I'm not using an EDB). This is what I'm doing: I've manually created 2 random secret keys and uploaded them to an EDB on my Chef server. I can then deploy the first node with a monitor using the mon secret stored in the EDB. However, once this node is deployed and the cluster is up, a bootstrap-osd key is automatically generated in the auth system. As a result, when another node of the cluster is deployed with an OSD daemon, the OSD secret stored in the EDB obviously won't match the one generated by the first node, and the OSD then fails to activate. The OSD recipe retrieves the OSD secret from the EDB but I don't see how this secret ever gets imported into the cluster. I'd appreciate if anyone could help me understand how the cookbook works with EDBs. Thanks!