doc/rbd: refine "Create a Block Device User" by zdover23 · Pull Request #49283 · ceph/ceph

zdover23 · 2022-12-06T14:21:58Z

Refine "Create a Block Device User" in doc/rbd/rados-rbd-cmds.rst.

https://tracker.ceph.com/issues/57001

Signed-off-by: Zac Dover zac.dover@gmail.com

Contribution Guidelines

To sign and title your commits, please refer to Submitting Patches to Ceph.
If you are submitting a fix for a stable branch (e.g. "pacific"), please refer to Submitting Patches to Ceph - Backports for the proper workflow.

Checklist

Tracker (select at least one)
- References tracker ticket
- Very recent bug; references commit where it was introduced
- New feature (ticket optional)
- Doc update (no ticket needed)
- Code cleanup (no ticket needed)
Component impact
- Affects Dashboard, opened tracker ticket
- Affects Orchestrator, opened tracker ticket
- No impact that needs to be tracked
Documentation (select at least one)
- Updates relevant documentation
- No doc update is appropriate
Tests (select at least one)
- Includes unit test(s)
- Includes integration test(s)
- Includes bug reproducer
- No tests

Show available Jenkins commands

jenkins retest this please
jenkins test classic perf
jenkins test crimson perf
jenkins test signed
jenkins test make check
jenkins test make check arm64
jenkins test submodules
jenkins test dashboard
jenkins test dashboard cephadm
jenkins test api
jenkins test docs
jenkins render docs
jenkins test ceph-volume all
jenkins test ceph-volume tox
jenkins test windows

idryomov · 2022-12-06T14:55:44Z

doc/rbd/rados-rbd-cmds.rst

+OSD caps (capabilities):

-        ceph auth get-or-create client.{ID} mon 'profile rbd' osd 'profile {profile name} [pool={pool-name}][, profile ...]' mgr 'profile rbd [pool={pool-name}]'
+.. prompt:: bash #


Suggested change

.. prompt:: bash #

.. prompt:: bash $

Do we think most people won't be running as root?

I certainly hope so. And even if they will be we shouldn't be encouraging it with #...

%s/bash #/bash $/g - this change is in now.

idryomov · 2022-12-06T14:59:28Z

doc/rbd/rados-rbd-cmds.rst


-To `create a Ceph user`_, with ``ceph`` specify the ``auth get-or-create``
-command, user name, monitor caps, and OSD caps::
+To `create a Ceph user`_, use the ``ceph`` command with the ``auth


Nit: I'd just say use "ceph auth get-or-create" command, without splitting "ceph" and "auth get-or-create" parts. It's also how this command is referenced below -- when talking about the output.

You're right. This change is in.

idryomov · 2022-12-06T15:01:11Z

doc/rbd/rados-rbd-cmds.rst

-Unless specified, the ``rbd`` command will access the Ceph cluster using the ID
-``admin``. This ID allows full administrative access to the cluster. It is
-recommended that you utilize a more restricted user wherever possible.
+Unless otherwise specified, the ``rbd`` command uses the ID ``admin`` to access the Ceph cluster. The ``admin`` ID allows full administrative access to the cluster. We recommend that you acess the Ceph cluster with an ID that has fewer permissions than the ``admin`` ID does. We call this non-``admin`` ID a "block device user" or "Ceph user".


Instead of bare "ID", I'd use "user ID" everywhere.

I might suggest "Ceph user" instead, I think "user ID" is even more likely to be confused with Linux /etc/passwd-type users.

I'm going to go with "Ceph user ID" for now, for minimum ambiguity.

anthonyeleven

non-blocking suggestions

anthonyeleven · 2022-12-06T15:17:49Z

doc/rbd/rados-rbd-cmds.rst

-Unless specified, the ``rbd`` command will access the Ceph cluster using the ID
-``admin``. This ID allows full administrative access to the cluster. It is
-recommended that you utilize a more restricted user wherever possible.
+Unless otherwise specified, the ``rbd`` command uses the ID ``admin`` to access the Ceph cluster. The ``admin`` ID allows full administrative access to the cluster. We recommend that you acess the Ceph cluster with an ID that has fewer permissions than the ``admin`` ID does. We call this non-``admin`` ID a "block device user" or "Ceph user".


I might suggest "Ceph user" instead, I think "user ID" is even more likely to be confused with Linux /etc/passwd-type users.

anthonyeleven · 2022-12-06T15:18:11Z

doc/rbd/rados-rbd-cmds.rst


-To `create a Ceph user`_, with ``ceph`` specify the ``auth get-or-create``
-command, user name, monitor caps, and OSD caps::
+To `create a Ceph user`_, use the ``ceph`` command with the ``auth


anthonyeleven · 2022-12-06T15:18:36Z

doc/rbd/rados-rbd-cmds.rst

+OSD caps (capabilities):

-        ceph auth get-or-create client.{ID} mon 'profile rbd' osd 'profile {profile name} [pool={pool-name}][, profile ...]' mgr 'profile rbd [pool={pool-name}]'
+.. prompt:: bash #


Do we think most people won't be running as root?

Refine "Create a Block Device User" in doc/rbd/rados-rbd-cmds.rst. https://tracker.ceph.com/issues/57001 Signed-off-by: Zac Dover <zac.dover@gmail.com>

zdover23 · 2022-12-07T11:32:28Z

#49300 - Quincy backport
#49301 - Pacific backport

zdover23 requested a review from a team December 6, 2022 14:21

zdover23 requested a review from a team as a code owner December 6, 2022 14:21

github-actions bot added documentation rbd labels Dec 6, 2022

idryomov reviewed Dec 6, 2022

View reviewed changes

anthonyeleven approved these changes Dec 6, 2022

View reviewed changes

zdover23 force-pushed the wip-doc-2022-12-06-rbd-rados-rbd-cmds-create-a-block-device-user-semantics branch 2 times, most recently from 3410e59 to 7bf0e58 Compare December 6, 2022 19:38

zdover23 requested a review from idryomov December 6, 2022 19:40

doc/rbd: refine "Create a Block Device User"

51bc438

Refine "Create a Block Device User" in doc/rbd/rados-rbd-cmds.rst. https://tracker.ceph.com/issues/57001 Signed-off-by: Zac Dover <zac.dover@gmail.com>

zdover23 force-pushed the wip-doc-2022-12-06-rbd-rados-rbd-cmds-create-a-block-device-user-semantics branch from 5b9df7b to 51bc438 Compare December 7, 2022 03:58

zdover23 requested a review from anthonyeleven December 7, 2022 04:14

anthonyeleven approved these changes Dec 7, 2022

View reviewed changes

zdover23 merged commit b460d28 into ceph:main Dec 7, 2022

Conversation

zdover23 commented Dec 6, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Contribution Guidelines

Checklist

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

idryomov Dec 6, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

anthonyeleven left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

zdover23 commented Dec 7, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

zdover23 commented Dec 6, 2022 •

edited

Loading

idryomov Dec 6, 2022 •

edited

Loading