vault backup: 2025-04-18 21:01:49

author: Jasper Ras <jaspert.ras@gmail.com> 2025-04-18 21:01:49 +0200
committer: Jasper Ras <jaspert.ras@gmail.com> 2025-04-18 21:01:49 +0200
commit: a8a8e1f984f20c8008f3a5f57cd39b416eb73104 (patch)
tree: 2262794b52d82c5fd9cbc55b503b52fafbd3af8a /Gobs Ceph Client Key Access.md
parent: 5fa69499917fab7a026c90c8321dbcc22734106a (diff)
parent: ab409a3701bf59dd73dc1e0324376bdac8b6d74f (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/Gobs Ceph Client Key Access.md b/Gobs Ceph Client Key Access.md
new file mode 100644
index 0000000..d8f86c7
--- /dev/null
+++ b/Gobs Ceph Client Key Access.md
@@ -0,0 +1,13 @@
+---
+tags:
+  - work
+  - gobs
+  - ceph
+  - openstack
+---
+[[Overview of Ceph]]
+
+Ceph credentials are typically stored in a keyring file under `/etc/ceph`. Nova has a a key there owned by nova/nova.
+Instead of adding a new key I've added the `goba` user to the `nova` group and modified our hieradata to specify a mode which allows the group to read the keyring.
+
+https://gitlab.group.one/groupvps/hieradata/-/merge_requests/499/diffs
author	Jasper Ras <jaspert.ras@gmail.com>	2025-04-18 21:01:49 +0200
committer	Jasper Ras <jaspert.ras@gmail.com>	2025-04-18 21:01:49 +0200
commit	a8a8e1f984f20c8008f3a5f57cd39b416eb73104 (patch)
tree	2262794b52d82c5fd9cbc55b503b52fafbd3af8a /Gobs Ceph Client Key Access.md
parent	5fa69499917fab7a026c90c8321dbcc22734106a (diff)
parent	ab409a3701bf59dd73dc1e0324376bdac8b6d74f (diff)