util/conn_pool: open a connection with requested user
Use the Credentials.ID in combination with the keyfile to connect to the
Ceph cluster. This makes it possible to use different users for
different tasks on the cluster.

Fixes: ceph#904
Signed-off-by: Niels de Vos <[email protected]>
nixpanic committed Apr 9, 2020
1 parent 58765e2 commit 76de2bd
Showing 2 changed files with 6 additions and 6 deletions.
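--- a/pkg/rbd/rbd_util.go
+++ b/pkg/rbd/rbd_util.go
@@ -165,7 +165,7 @@ func createImage(ctx context.Context, pOpts *rbdVolume, cr *util.Credentials) er
 
 func (rv *rbdVolume) getIoctx(cr *util.Credentials) (*rados.IOContext, error) {
 if rv.conn == nil {
-conn, err := connPool.Get(rv.Pool, rv.Monitors, cr.KeyFile)
+conn, err := connPool.Get(rv.Pool, rv.Monitors, cr.ID, cr.KeyFile)
 if err != nil {
 return nil, errors.Wrapf(err, "failed to get connection")
 }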
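Review bot: `getIoctx` consults `cr` only while `rv.conn == nil`, so once a volume holds a cached connection, a later call with different credentials presumably keeps using the first user's session. That works against the per-user separation this commit introduces. The rest of the function lies outside the hunk, so this is inferred from the guard alone. If the caching is intended, state it above the function, e.g. `// getIoctx connects with cr only on first use; later calls reuse rv.conn regardless of cr.`; otherwise record the user alongside `rv.conn` and reconnect when `cr.ID` differs.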
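--- a/pkg/util/conn_pool.go
+++ b/pkg/util/conn_pool.go
@@ -95,14 +95,14 @@ func (cp *ConnPool) Destroy() {
 }
 }
 
-func (cp *ConnPool) generateUniqueKey(pool, monitors, keyfile string) (string, error) {
+func (cp *ConnPool) generateUniqueKey(pool, monitors, user, keyfile string) (string, error) {
 // the keyfile can be unique for operations, contents will be the same
 key, err := ioutil.ReadFile(keyfile) // nolint: gosec, #nosec
 if err != nil {
 return "", errors.Wrapf(err, "could not open keyfile %s", keyfile)
 }
 
-return fmt.Sprintf("%s|%s|%s", pool, monitors, string(key)), nil
+return fmt.Sprintf("%s|%s|%s|%s", pool, monitors, user, string(key)), nil
 }
 
 // getExisting returns the existing rados.Conn associated with the unique key.
@@ -120,8 +120,8 @@ func (cp *ConnPool) getConn(unique string) *rados.Conn {
 // Get returns a rados.Conn for the given arguments. Creates a new rados.Conn in
 // case there is none in the pool. Use the returned unique string to reduce the
 // reference count with ConnPool.Put(unique).
-func (cp *ConnPool) Get(pool, monitors, keyfile string) (*rados.Conn, error) {
-unique, err := cp.generateUniqueKey(pool, monitors, keyfile)
+func (cp *ConnPool) Get(pool, monitors, user, keyfile string) (*rados.Conn, error) {
+unique, err := cp.generateUniqueKey(pool, monitors, user, keyfile)
 if err != nil {
 return nil, errors.Wrapf(err, "failed to generate unique for connection")
 }
@@ -135,7 +135,7 @@ func (cp *ConnPool) Get(pool, monitors, keyfile string) (*rados.Conn, error) {
 
 // construct and connect a new rados.Conn
 args := []string{"-m", monitors, "--keyfile=" + keyfile}
-conn, err = rados.NewConn()
+conn, err = rados.NewConnWithUser(user)
 if err != nil {
 return nil, errors.Wrapf(err, "creating a new connection failed")
 }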
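Review bot: The pool key returned by `generateUniqueKey` still embeds the raw keyfile contents via `string(key)`, so the Ceph secret is held in every pool map key and in the `unique` string that the doc comment on `Get` mentions for `ConnPool.Put`. If that string ever reaches a log line or a wrapped error, the key is disclosed. Since the format line is being changed anyway, derive the last field from a digest instead: `sum := sha256.Sum256(key)` followed by `return fmt.Sprintf("%s|%s|%s|%x", pool, monitors, user, sum), nil`. This needs `crypto/sha256` in the file's import block, which is not visible on this page. The fixed-width hex field also keeps the `|`-separated fields unambiguous regardless of what the key material contains.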
